MobileCartly 1.0 <= Remote Code Execution

Author: Jean Pascal Pereira <pereira@secbiz.de>

Software description:
"MobileCartly is an Open Source Mobile Shopping Cart Software."
Vendor URI: http://www.mobilecartly.com

Risk level: High

The application is affected by a remote code execution vulnerability.

shoppingcart/add.php, line 9:

    if( isset( $_COOKIE['MCCHECKOUT'] ) ) {
        $checkout = unserialize($_COOKIE['MCCHECKOUT']);
        $checkout[] = $product;
        setcookie('MCCHECKOUT', serialize($checkout), time()+10800);

-------------------------------------

Solution:
Perform some input validation to get control over the serialized data.
As an end user you should at least keep your PHP version up to date.

2. Title: MobileCartly 1.0 <= Arbitrary File Deletion

Author: GoLd_M
Download: http://mobilecartly.com/mobilecartly.zip
Affected version: 1.0
Category: Arbitrary Delete Vulnerability
Tested on: Xp SP 2

Test method:
[MobileCartly 1.0]/includes/deletepage.php?deletepage=[File]

Code: /includes/deletepage.php

    <?
    $page = "pages/" . $_REQUEST['deletepage'];    <<---XXX
    unlink($page);                                  <<---XXX[Booooom]
    ?>
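The two fixes the advisories call for, as an added example that is not MobileCartly's code: the cart cookie is kept as JSON holding only validated product IDs instead of passing through unserialize(), and the page name from the request is restricted to a plain file name whose resolved path must stay inside pages/. Function names and the positive-integer product ID format are assumptions; MCCHECKOUT and the pages/ directory come from the advisories.

```php
<?php
// Added example, not MobileCartly code: hardened replacements for the two
// patterns in the advisory. Function names and the positive-integer product
// ID format are assumptions; MCCHECKOUT and the pages/ directory are from the page.

// add.php pattern: cookie data must never reach unserialize(). Keep the cart as
// JSON and accept only a list of positive integer product IDs.
function readCheckoutCookie(array $cookies): array
{
    if (!isset($cookies['MCCHECKOUT'])) {
        return [];
    }
    $decoded = json_decode($cookies['MCCHECKOUT'], true);
    if (!is_array($decoded)) {
        return [];          // malformed or tampered cookie: start with an empty cart
    }
    $ids = [];
    foreach ($decoded as $id) {
        if (is_int($id) && $id > 0) {
            $ids[] = $id;   // drop anything that is not a plain positive integer
        }
    }
    return $ids;
}

function addToCheckout(array $checkout, int $productId): string
{
    $checkout[] = $productId;
    // The caller stores this with setcookie(); the serialize()/unserialize() pair is gone.
    return json_encode($checkout);
}

// deletepage.php pattern: the request value must not select an arbitrary path.
// Allow a plain file name only, then confirm the resolved path stays inside pages/.
function resolvePageForDeletion(string $requested, string $pagesDir): ?string
{
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}(\.[A-Za-z0-9]{1,8})?\z/', $requested)) {
        return null;        // rejects separators, "..", leading dots and odd characters
    }
    $base   = realpath($pagesDir);
    $target = realpath($pagesDir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $target === false) {
        return null;        // directory or file does not exist
    }
    if (strpos($target, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;        // a symlink inside pages/ pointed outside the directory
    }
    return $target;         // safe to pass to unlink() once the caller has checked authorization
}
```

If unserialize() cannot be removed from legacy code, PHP 7's `unserialize($data, ['allowed_classes' => false])` at least prevents the cookie from instantiating objects, which is the step that turns tampered serialized data into code execution.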