CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-2543

Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the download parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.031

EPSS Ranking 86.2%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=112327874920062&w=2
http://www.securityfocus.com/bid/14479
http://marc.info/?l=bugtraq&m=112327874920062&w=2
http://www.securityfocus.com/bid/14479

Products affected by CVE-2005-2543

Comdev » Comdev Ecommerce » Version: 3.0

cpe:2.3:a:comdev:comdev_ecommerce:3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-2543

Products

Pricing

Contact Us