(inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)

• SHDB
• 2401 阅读

• 日期：2004-11-07
• 类别：
  • Vulnerable Servers
• 作者：anonymous
• 语法：(inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)

• This is a "double dork" finds two different shopping carts, both vulnerable1) Cyber-Village Online Consulting Shopping CartCyber-Village's script is known to not sanitize the user input properly which leads to code execution problems.2) Hassan Consulting's Shopping CartFor Hassan's cart it is reported that a remote user can request the 'shop.cfg' and that the script allows directory traversal.