Skip to main content

Opencart <= 2.0.1.3 data leakage, path disclosure, sql tables disclosure, secure token id disclosure, man in the middle proof of concept, sql injection

http://localhost/ocit/index.php?route=module/banner
you can see a simple Notice: Undefined index: banner_id


http://localhost/ocit/index.php?route=module/bestseller
you can see a simple  Notice: Undefined index: limit 


http://localhost/ocit/index.php?route=module/carousel
you can see a simple Notice: Undefined index: banner_id


http://localhost/ocit/index.php?route=module/featured
you can see a simple  Notice: Undefined index: limit


http://localhost/ocit/index.php?route=module/gallery (non stock extension/module)
you can see a simple Notice: Undefined index: filter_banner_id

http://localhost/ocit/index.php?route=module/news (non stock extension/module)
Notice: Error: Table 'test.oc_news' doesn't exist
Error No: 1146
SELECT * FROM oc_news n LEFT JOIN oc_news_description nd ON n.news_id = nd.news_id WHERE nd.language_id = '2' AND n.status = '1' ORDER BY date_added DESC LIMIT 0,5 in system\library\db\mysqli.php on line 41 
Notice: Trying to get property of non-object in catalog\model\extension\news.php on line 26
Warning: Invalid argument supplied for foreach() in catalog\controller\module\news.php on line 19


http://localhost/ocit/index.php?route=module/slideshow
you can see a simple Notice: Undefined index: banner_id 

http://localhost/ocit/index.php?route=module/special
Notice: Undefined index: limit in catalog\controller\module\special.php on line 24Notice: Undefined index: width in catalog\controller\module\special.php on line 32Notice: Undefined index: height in catalog\controller\module\special.php on line 32Warning: imagecreatetruecolor(): Invalid image dimensions in system\library\image.php on line 86Warning: imagecolorallocate() expects parameter 1 to be resource, boolean given in system\library\image.php on line 94Warning: imagefilledrectangle() expects parameter 1 to be resource, boolean given in system\library\image.php on line 97Warning: imagecopyresampled() expects parameter 1 to be resource, boolean given in system\library\image.php on line 99Notice: Undefined index: width in catalog\controller\module\special.php on line 32Notice: Undefined index: height in catalog\controller\module\special.php on line 32Warning: imagecreatetruecolor(): Invalid image dimensions in system\library\image.php on line 86Warning: imagecolorallocate() expects parameter 1 to be resource, boolean given in system\library\image.php on line 94Warning: imagefilledrectangle() expects parameter 1 to be resource, boolean given in system\library\image.php on line 97Warning: imagecopyresampled() expects parameter 1 to be resource, boolean given in system\library\image.php on line 99


http://localhost/ocit/index.php?route=payment/authorizenet_sim
Notice: Undefined index: order_id in catalog\controller\payment\authorizenet_sim.php on line 10Notice: Undefined index: order_id in catalog\controller\payment\authorizenet_sim.php on line 13Notice: Undefined index: order_id in catalog\controller\payment\authorizenet_sim.php on line 21


http://localhost/ocit/index.php?route=payment/bluepay_hosted
Fatal error: Class 'Controllerpaymentbluepayhosted' not found

http://localhost/ocit/index.php?route=payment/firstdata
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/globalpay
Notice: Undefined index: order_id


http://localhost/ocit/index.php?route=payment/klarna_account
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/klarna_invoice
Notice: Undefined index: order_id
 
http://localhost/ocit/index.php?route=payment/liqpay
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/nochex
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/paymate
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/paypoint
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/payza
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/pp_payflow
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/pp_payflow_iframe
Notice: Undefined index: order_id in catalog\controller\payment\pp_payflow_iframe.php on line 9Notice: Undefined index: order_id in catalog\controller\payment\pp_payflow_iframe.php on line 25
INSERT INTO `oc_paypal_payflow_iframe_order` SET `order_id` = '0', `secure_token_id` = 'f61192e89c716049bb146a7a91b2acfe' in system\library\db\mysqli.php on line 41Notice: Undefined index: code in catalog\controller\payment\pp_payflow_iframe.php on line 46Notice: Undefined index: iso_code_2 in catalog\controller\payment\pp_payflow_iframe.php on line 48

http://localhost/ocit/index.php?route=payment/pp_standard
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/realex
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/realex_remote
Warning: Invalid argument supplied for foreach() in catalog\controller\payment\realex_remote.php on line 32
 
http://localhost/ocit/index.php?route=payment/securetrading_pp
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/securetrading_ws
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/skrill
Notice: Undefined index: order_id

http://localhost/ocit/index.php?route=payment/twocheckout
Notice: Undefined index: order_id

More info will be available later...
Labels:

Comments

Post a Comment

Popular posts from this blog

Moodle 3.8.1+ - path leak via errors in several files

Moodle 3.8.1+ ----------------------------------------------- File: admin/mailout-debugger.php #!/usr/bin/php Notice : Disabled. in \admin\mailout-debugger.php on line 73 File: admin/settings/appearance.php Notice : Undefined variable: hassiteconfig in \admin\settings\appearance.php on line 10 Fatal error : Uncaught Error: Call to undefined function has_any_capability() in \admin\settings\appearance.php:10 Stack trace: #0 {main} thrown in \admin\settings\appearance.php on line 10 File: admin/settings/badges.php Notice : Undefined variable: hassiteconfig in \admin\settings\badges.php on line 30 Fatal error : Uncaught Error: Call to undefined function has_any_capability() in \admin\settings\badges.php:30 Stack trace: #0 {main} thrown in \admin\settings\badges.php on line 30 File: admin/settings/courses.php Notice : Undefined variable: hassiteconfig in \admin\settings\courses.php on line 32 Fatal error : Uncaught Error: Call to undefined function
Post a Comment
Read more

2022 - Remove (the too many) Ads from Memu launcher

Simple method Download from pureapk "MEmu Launcher2" ex: MEmu Launcher2_v6.0.9_apkpure.com Install "System app remover" (root) remove from system apps the "memu launcher 2" import the "purified" MEmu Launcher2 apk with the Memu utility ("apk" on the right toolbar) Longer method Install "Export Apk" Export the memu launcher2  Install purify https://github.com/echo-devim/purify/raw/master/Purify.apk use purify with the exported memu launcher 2 Install "System app remover" (root) remove from system apps the "memu launcher 2" import the "purified" MEmu Launcher2 apk with the Memu utility ("apk" on the right toolbar)      
Post a Comment
Read more