exploitDog

CVE-2004-0241

Опубликовано: 23 нояб. 2004

Источник: nvd

CVSS2: 10

EPSS Средний

Описание

X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perl_binary argument in (1) upgrade.php or (2) general.php.

Ссылки

http://marc.info/?l=bugtraq&m=107582648326448&w=2
http://www.securityfocus.com/bid/9560
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15034
http://marc.info/?l=bugtraq&m=107582648326448&w=2
http://www.securityfocus.com/bid/9560
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15034

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:qualiteam:x-cart:3.2.0:*:*:*:*:*:*:*

cpe:2.3:a:qualiteam:x-cart:3.2.1:*:*:*:*:*:*:*

cpe:2.3:a:qualiteam:x-cart:3.3.0:*:*:*:*:*:*:*

cpe:2.3:a:qualiteam:x-cart:3.3.2:*:*:*:*:*:*:*

cpe:2.3:a:qualiteam:x-cart:3.4.0:*:*:*:*:*:*:*

cpe:2.3:a:qualiteam:x-cart:3.4.3:*:*:*:*:*:*:*

cpe:2.3:a:qualiteam:x-cart:3.4.11:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10297

Средний

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-v4h7-vp6f-m3c3

github

почти 4 года назад

X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perl_binary argument in (1) upgrade.php or (2) general.php.

EPSS

Процентиль: 93%

0.10297

Средний

10 Critical

CVSS2

Дефекты

NVD-CWE-Other