CVE-2006-6390

Name of the Vulnerable Software and Affected Versions Open Solution Quick.Cart version 2.0

Description The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[db type] parameter to various PHP scripts, including "categories.php", "couriers.php", "orders.php", and "products.php" in "actions admin/" and "orders.php" and "products.php" in "actions client/". This can be exploited by injecting PHP sequences into an Apache HTTP Server log file, which is then included by one of these PHP scripts. The exploitation is possible when register globals is enabled and magic quotes gpc is disabled.

Recommendations For Open Solution Quick.Cart version 2.0, consider disabling the register globals setting and enabling magic quotes gpc to prevent exploitation. Additionally, restrict access to the vulnerable PHP scripts in "actions admin/" and "actions client/" directories until a patch is available. Avoid using the config[db type] parameter in the affected API endpoints until the issue is resolved.