CVE-2007-5364

Опубликовано: 11 окт. 2007

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

Directory traversal vulnerability in payments/ideal_process.php in the iDEAL transaction handler in ViArt Shopping Cart allows remote attackers to have an unknown impact via directory traversal sequences in the filename parameter to the createCertFingerprint function. NOTE: this issue is disputed by CVE because PHP encounters a fatal function-call error on a direct request for payments/ideal_process.php

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:viart:shopping_cart:*:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.0064

Низкий

10 Critical

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-67gw-qj66-75p7

github

почти 4 года назад

** DISPUTED ** Directory traversal vulnerability in payments/ideal_process.php in the iDEAL transaction handler in ViArt Shopping Cart allows remote attackers to have an unknown impact via directory traversal sequences in the filename parameter to the createCertFingerprint function. NOTE: this issue is disputed by CVE because PHP encounters a fatal function-call error on a direct request for payments/ideal_process.php.