header-logo
Suggest Exploit
vendor:
Shopping Cart
by:
SecurityFocus
6.4
CVSS
MEDIUM
Insecure Relative Path
22
CWE
Product Name: Shopping Cart
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Hassan Consulting Shopping Cart Insecure Relative Path Vulnerability

The $page variable in Hassan Consulting Shopping Cart does not properly check for insecure relative paths such as the double dot '..'. Therefore, requesting the following URL will display the specified file: http://target/cgi-bin/shop.cgi/page=../../../path/filename.ext Successful exploitation could lead to a remote intruder gaining read access to any known file.

Mitigation:

Ensure that all relative paths are properly checked and validated before being used.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1777/info

The $page variable in Hassan Consulting Shopping Cart does not properly check for insecure relative paths such as the double dot "..". Therefore, requesting the following URL will display the specified file:

http://target/cgi-bin/shop.cgi/page=../../../path/filename.ext

Successful exploitation could lead to a remote intruder gaining read access to any known file.

Navigation

Suggest Exploit

Services By CQR