CVE-2010-0957

2010-03-0920:00:00

mitre

www.cve.org

7.2 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.1%

JSON

Directory traversal vulnerability in content.php in Saskia’s Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter.

References

packetstormsecurity.org/1002-exploits/saskiashopsystem-lfi.txt

www.exploit-db.com/exploits/11433

www.securityfocus.com/bid/38574

exchange.xforce.ibmcloud.com/vulnerabilities/56358