Vulnerability Details CVE-2004-0293
Directory traversal vulnerability in ShopCartCGI 2.3 allows remote attackers to retrieve arbitrary files via a .. (dot dot) in a HTTP request to (1) gotopage.cgi or (2) genindexpage.cgi.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.049
EPSS Ranking 89.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=107703602707450&w=2
- http://www.securityfocus.com/bid/9670
- http://www.zone-h.org/en/advisories/read/id=3962/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14982
- http://marc.info/?l=bugtraq&m=107703602707450&w=2
- http://www.securityfocus.com/bid/9670
- http://www.zone-h.org/en/advisories/read/id=3962/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14982
Products affected by CVE-2004-0293
-
cpe:2.3:a:shopcartcgi:shopcartcgi:2.3