VID 21286
Severity 30
Port 80, ...
Protocol TCP
Class CGI
Detailed Description ShopCartCGI has a remote file disclosure vulnerability.
ShopCartCGI is a set of scripts written in Perl for the design and maintenance of an eCommerce shopping cart system for Linux and Unix-based operating systems. ShopCartCGI version 2.3 could allow a remote attacker to retrieve arbitrary files on the affected Web server, caused by insufficient validation of user-supplied input. A remote attacker can read any readable file on a vulnerable Web server by using dot-dot (..) sequences, as in the following requests:

http://[target]/directory/gotopage.cgi?13686+/../../../../../../../../../../../../../../../../etc/passwd
http://[target]/directory/genindexpage.cgi?13687+Home+/../../../../../../../../../../../../../../../../etc/passwd
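
Requests of this shape can be found in web server access logs. The following is an added example, not part of the original advisory or of ShopCartCGI: it flags requests to the two scripts named above whose query string contains a `..` path segment. It assumes Apache combined log format; the log lines and the `/shop/` directory are constructed.

```python
import re
from urllib.parse import unquote

# Script names come from the advisory; Apache combined log format is an assumption.
SCRIPTS = ("gotopage.cgi", "genindexpage.cgi")
REQUEST_RE = re.compile(r'^(?P<client>\S+) .*?"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')
# A ".." path segment: preceded by start, slash, backslash, "+" or space; followed by a slash or end.
TRAVERSAL_RE = re.compile(r'(?:^|[/\\+\s])\.\.(?:[/\\]|$)')

# Constructed sample log lines (documentation IP ranges), not captured traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jun/2014:10:00:01 +0000] "GET /shop/gotopage.cgi?13686+Home HTTP/1.1" 200 5120',
    '203.0.113.7 - - [01/Jun/2014:10:00:05 +0000] "GET /shop/gotopage.cgi?13686+/../../../../etc/passwd HTTP/1.1" 200 1432',
    '203.0.113.7 - - [01/Jun/2014:10:00:09 +0000] "GET /shop/genindexpage.cgi?13687+Home+/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 200 1432',
    '192.0.2.44 - - [01/Jun/2014:10:01:00 +0000] "GET /docs/../index.html HTTP/1.1" 404 210',
]


def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so single- and double-encoded dots are normalized."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_traversal_requests(lines):
    """Return (client, target) for requests to the ShopCartCGI scripts whose query has a '..' segment."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        path, _, query = match.group("target").partition("?")
        if not fully_decode(path).lower().endswith(SCRIPTS):
            continue
        if TRAVERSAL_RE.search(fully_decode(query)):
            hits.append((match.group("client"), match.group("target")))
    return hits


if __name__ == "__main__":
    for client, target in find_traversal_requests(SAMPLE_LOG):
        print(f"ALERT {client} {target}")
```

A 200 response on a flagged line, as in the constructed samples, is the case to investigate first, since it indicates the server returned content for the request.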

* References:
http://www.zone-h.org/advisories/read/id=3962
http://www.securiteam.com/unixfocus/5UP0D20C0G.html
http://www.ggmate.com/ShopCartCGISoftware/

* Platforms Affected:
Joe Spanicek ShopCartCGI 2.3
Linux Any version
Unix Any version
Recommendation No upgrade or patch available as of June 2014.
Related URL CVE-2004-0293 (CVE)
Related URL 9670 (SecurityFocus)
Related URL 14982 (ISS)