# TITLE ....... # Information disclosure in Quick.Cart_v5.0
# DATE ........ # 18.03.2012
# AUTOHR ...... # http://hauntit.blogspot.com
# SOFT LINK ... # http://http://opensolution.org/
# VERSION ..... # 5.0
# TESTED ON ... # LAMP
# ----------------------------------------------------------------------- #
# 1. What is this?
# 2. What is the type of vulnerability?
# 3. Where is bug :)
# 4. More...
-----------------------------------------------------------
# 1. What is this?
"Fast and simple shopping cart". You should try it! ;)
# ----------------------------------------------------------- #
# 2. What is the type of vulnerability?
Set cookie to "http://somethi.ng" to see:
"Warning: session_start(): The session id is too long or contains illegal characters,
valid characters are a-z, A-Z, 0-9 and '-,' in /www/Quick.Cart_v5.0/index.php on line 17 "
# ----------------------------------------------------------- #
# 3. Where is bug :)
# ----------------------------------------------------------- #
# 4. More...
- http://hauntit.blogspot.com
- http://www.google.com
- http://portswigger.net
# ----------------------------------------------------------- #
# Best regards
#
No comments:
Post a Comment
What do You think...?