Description

Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote attackers to view arbitrary files via a .. (dot dot) in the filename argument.

Remediation

References

CVE-2004-2021

Related Vulnerabilities

OpenSSL Out-of-bounds Write Vulnerability (CVE-2016-6303)

WordPress Plugin WP Download Codes Cross-Site Scripting (2.5.1)

WordPress Plugin WPCafe-Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce Cross-Site Scripting (2.2.24)

Joomla! Core 1.7.x Cross-Site Scripting (1.7.0 - 1.7.2)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42047)

Severity

Medium

Classification

CVE-2004-2021

Tags

Missing Update Known Vulnerabilities