Online Computer and Laptop Store is an online computer and laptop store from Carlo Monteroβs personal developer. A path traversal vulnerability exists in Online Computer and Laptop Store v1.0. The vulnerability stems from the fact that the parameter path in the file /classes/Master.php?f=delete_img does not properly filter special elements in the resource or file paths, and could be exploited by an attacker to retrieve arbitrary files from the underlying file system via a specially designed web request to retrieve arbitrary files from the underlying file system.
CPE | Name | Operator | Version |
---|---|---|---|
carlo montero online computer and laptop store v | eq | 1.0 |