Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> CGI abuses >> osCommerce directory traversal


Vulnerability Assessment Details

osCommerce directory traversal

Vulnerability Assessment Summary
Determine if osCommerce is vulnerable to dir traversal

Detailed Explanation for this Vulnerability Assessment

The remote host is running osCommerce, a widely installed open source
shopping e-commerce solution.

The remote version of this software is vulnerable to a directory traversal
flaw which may be exploited by a possible hacker to read arbitrary files
on the remote server with the rights of the web server.

Solution : Upgrade to a newer version of this software
Network Security Threat Level: Medium

Networks Security ID: 10364

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 David Maciejak

Cables, Connectors

Dell Genuine OEM 9Cell 97WHR 71R31 Battery 11.1V E6440 E6540 M2800 312-1443
$39.99
Dell Genuine OEM 9Cell 97WHR 71R31 Battery 11.1V E6440 E6540 M2800 312-1443 pictureLOT OF 20 OEM DELL PRECISION T3420 OPTIPLEX 5040 SFF SATA POWER CABLE ODD HG2F3
$99.95
LOT OF 20 OEM DELL PRECISION T3420 OPTIPLEX 5040 SFF SATA POWER CABLE ODD HG2F3 pictureGENUINE OEM DELL PRECISION T3420 OPTIPLEX 5040 SFF SATA POWER CABLE ODD HG2F3
$9.95
GENUINE OEM DELL PRECISION T3420 OPTIPLEX 5040 SFF SATA POWER CABLE ODD HG2F3 picture*Genuine Dell* DA210PE1-00 D846D 19.5V 10.8A AC Power Adapter/Charger OEM
$24.99
*Genuine Dell* DA210PE1-00 D846D 19.5V 10.8A AC Power Adapter/Charger OEM picture


Discussions

No Discussions have been posted on this vulnerability.