Описание
Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi.
Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-4655
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36389
- http://jvn.jp/jp/JVN%2320452446/index.html
- http://osvdb.org/40146
- http://osvdb.org/40147
- http://secunia.com/advisories/26614
- http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20070823212803
- http://www.securityfocus.com/bid/25500
Связанные уязвимости
Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi.