Lucene search
China National Vulnerability DatabaseCNVD-2023-29391HistoryApr 11, 2023 - 12:00 a.m.
Online Computer and Laptop Store Path Traversal Vulnerability
2023-04-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
online computer and laptop store
path traversal
vulnerability
carlo montero
personal developer
master.php
delete image
file paths
exploited
attacker
arbitrary files
web request
underlying file system
0.001 Low
EPSS
Percentile
47.6%
Online Computer and Laptop Store is an online computer and laptop store from Carlo Monteroβs personal developer. A path traversal vulnerability exists in Online Computer and Laptop Store v1.0. The vulnerability stems from the fact that the parameter path in the file /classes/Master.php?f=delete_img does not properly filter special elements in the resource or file paths, and could be exploited by an attacker to retrieve arbitrary files from the underlying file system via a specially designed web request to retrieve arbitrary files from the underlying file system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| carlo montero online computer and laptop store v | eq | 1.0 |
Related
cve
cve
CVE-2023-1956
2023-04-08 10:15:07
nvd
nvd
CVE-2023-1956
2023-04-08 10:15:07
prion
prion
Path traversal
2023-04-08 10:15:00
cvelist
cvelist