Vulnerability Details CVE-2004-0240
Directory traversal vulnerability in X-Cart 3.4.3 allows remote attackers to view arbitrary files via a .. (dot dot) in the shop_closed_file argument to auth.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.5%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2004-0240
-
cpe:2.3:a:qualiteam:x-cart:3.2.0
-
cpe:2.3:a:qualiteam:x-cart:3.2.1
-
cpe:2.3:a:qualiteam:x-cart:3.3.0
-
cpe:2.3:a:qualiteam:x-cart:3.3.2
-
cpe:2.3:a:qualiteam:x-cart:3.4.0
-
cpe:2.3:a:qualiteam:x-cart:3.4.11
-
cpe:2.3:a:qualiteam:x-cart:3.4.3