Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.10532
Categoría:Remote file access
Título:eXtropia Web Store remote file retrieval
Resumen:eXtropia's Web Store shopping cart program allows the remote; file retrieval of any file that ends in a .html extension. Further, by supplying a URL with an; embedded null byte, the script can be made to retrieve any file at all.
Descripción:Summary:
eXtropia's Web Store shopping cart program allows the remote
file retrieval of any file that ends in a .html extension. Further, by supplying a URL with an
embedded null byte, the script can be made to retrieve any file at all.

Solution:
No known solution was made available for at least one year since the
disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to
upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: BugTraq ID: 1774
Common Vulnerability Exposure (CVE) ID: CVE-2000-1005
http://www.securityfocus.com/bid/1774
Bugtraq: 20001009 Security Advisory : eXtropia WebStore (web_store.cgi) Directory Traversal Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/138495
XForce ISS Database: extropia-webstore-fileread(5347)
https://exchange.xforce.ibmcloud.com/vulnerabilities/5347
CopyrightCopyright (C) 2000 Thomas Reinke

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.