Directory traversal

2010-03-1020:14:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.1%

JSON

Directory traversal vulnerability in content.php in Saskia’s Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter.

CPENameOperatorVersion
saskias_shopsystemeq<= beta1

CPE	Name	Operator	Version
	saskias_shopsystem	eq	<= beta1

References

packetstormsecurity.org/1002-exploits/saskiashopsystem-lfi.txt

www.securityfocus.com/bid/38574

exchange.xforce.ibmcloud.com/vulnerabilities/56358

www.exploit-db.com/exploits/11433