ViArt Shop 4.2.1 Mullti Vulnerability
=====================================
Author : indoushka
Vondor : www.viart.com/
Dork   : PHP Ecommerce Solutions by ViArt
=========================================

XSS :
C:\AppServ\www\viart\articles_rss.php
Line : 190
echo
$xml

Remote/Local File Inclusion :

C:\AppServ\www\viart\ads.php
Line :21
include_once
$language_code
C:\AppServ\www\viart\ads_compare.php
Line : 20
include_once
$language_code
C:\AppServ\www\viart\ads_details.php 
Line : 21
include_once
$language_code
C:\AppServ\www\viart\friendly_url.php
Line : 266
include_once
$page_name
C:\AppServ\www\viart\index.php
Line :17
include_once
$language_code

Sql Injection :

C:\AppServ\www\viart\ads.php
Line :68
mysqli::query
$sql
C:\AppServ\www\viart\ads_details.php
Line :59
mysqli::query
$sql

File Access :
C:\AppServ\www\viart\download.php
Line : 226
fopen
$download_path
C:\AppServ\www\viart\install.php
Line : 227
fopen
$dump_sql

File Upload :
C:\AppServ\www\viart\user_forum_attachments.php
Line : 153
move_uploaded_file
$tmp_name,$filepath,$new_filename,$filepath,$errors,$filepath,$filepath,$errors,$filepath

Editor Upload :

http://localhost/viart/editor/editor_upload.html
http://localhost/viart/editor/editor_select.html
http://localhost/viart/js/dialogs/insert_image.html

http://127.0.0.1/viart/images/editor/oo.jpg

R/L inclusion :

http://127.0.0.1/viart/editor/editor_select.php?root_dir=../images/WYSIWYG