OsCommerce Directory Traversal Network Vulnerability

Summary

The remote host is running osCommerce, a widely installed open source shopping e-commerce solution. The remote version of this software is vulnerable to a directory traversal flaw which may be exploited by an attacker to read arbitrary files on the remote server with the privileges of the web server.

Solution

Upgrade to a newer version of this software

Severity

Classification

CVE CVE-2004-2021

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Admidio get_file.php Remote File Disclosure Vulnerability
Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
Adobe ColdFusion HTTP Response Splitting Vulnerability
Apache Tiles Multiple XSS Vulnerability
Allaire JRun directory browsing vulnerability

osCommerce directory traversal

Take action and discover your vulnerabilities