ID de Prueba:	1.3.6.1.4.1.25623.1.0.17595
Categoría:	Web application abuses
Título:	osCommerce Directory Traversal Vulnerability
Resumen:	osCommerce is vulnerable to a directory traversal; flaw which may be exploited by an attacker to read arbitrary files; on the remote server with the privileges of the web server.
Descripción:	Summary: osCommerce is vulnerable to a directory traversal flaw which may be exploited by an attacker to read arbitrary files on the remote server with the privileges of the web server. Solution: Update to a newer version of this software. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-2021 BugTraq ID: 10364 http://www.securityfocus.com/bid/10364 Bugtraq: 20040517 oscommerce 2.2 file_manager.php file browsing (Google Search) http://marc.info/?l=bugtraq&m=108482902101519&w=2 Bugtraq: 20050322 osCommerce File Manager Directory Traversal Vulnerability (Google Search) http://archives.neohapsis.com/archives/bugtraq/2005-03/0378.html http://www.excluded.org/advisories/advisory13.txt http://www.osvdb.org/6308 http://securitytracker.com/id?1010176 http://secunia.com/advisories/11624 XForce ISS Database: oscommerce-dotdot-directory-traversal(16174) https://exchange.xforce.ibmcloud.com/vulnerabilities/16174
Copyright	Copyright (C) 2005 David Maciejak

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.