Описание
Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi.
Комментарий
Additional information can be found at: http://www.securityfocus.com/bid/25500/info
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.51 (включая)
cpe:2.3:a:cgi-rescue:shopping_basket_professional:*:*:*:*:*:*:*:*
EPSS
Процентиль: 45%
0.00223
Низкий
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
почти 4 года назад
Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi.
EPSS
Процентиль: 45%
0.00223
Низкий
5 Medium
CVSS2
Дефекты
CWE-22