PayProCart Profindcode phpinfo disclosure

Saturday, April 09, 2005
###################################################
PayProcart 3.x phpinfo disclosure
vendor url:http://www.profitcode.net/products/payprocart.html
vendor notified: yes exploit avaible: yes
original advisore:http://lostmon.blogspot.com/2005/04/
payprocart-profindcode-phpinfo.html
OSVDB ID:15422
Secunia: SA14832
###################################################


PayProcart installs a filed called phpinfos.php in the webroot folder
by default, this file calls phpinfo()
This reveals very intimate configuration data of the server running php:


http://[target]/path_to_store/phpinfos.php

solution:

delete this file or edit to established the correct access


thnx to estrella she is always in my mind
thnx to all who support me day at day
thnx to osvdb.org

--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Data Mangle of: http://www.osvdb.org

La curiosidad es lo que hace mover la mente....
 

Browse

About:Me

My blog:http://lostmon.blogspot.com
Mail:Lostmon@gmail.com
Lostmon Google group
Lostmon@googlegroups.com

La curiosidad es lo que hace
mover la mente...