Description

Directory traversal vulnerability in index.php in OpenCart 1.1.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the route parameter.

Remediation

References

CVE-2009-1621

Related Vulnerabilities

Ruby Other Vulnerability (CVE-2014-8080)

TYPO3 Files or Directories Accessible to External Parties Vulnerability (CVE-2021-21355)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4814)

PHP Numeric Errors Vulnerability (CVE-2015-2331)

CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15400)

Severity

Medium

Classification

CVE-2009-1621 CWE-22

Tags

Missing Update Known Vulnerabilities