CVE-2006-2475

CVE-2006-2475

EPSS 1.7%

Directory traversal vulnerability in (1) edit_mailtexte.cgi and (2) bestmail.cgi in Cosmoshop 8.11.106 and earlier allows remote administrators to read arbitrary files via ".." sequences in the file parameter.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://secunia.com/advisories/20177 http://securityreason.com/securityalert/919 https://exchange.xforce.ibmcloud.com/vulnerabilities/26533 http://www.osvdb.org/25647 http://www.osvdb.org/25648 http://www.securityfocus.com/archive/1/434368/100/0/threaded