CVE-2012-5907

2012-11-17T16:55:05
ID CVE-2012-5907
Type cve
Reporter NVD
Modified 2017-08-28T21:32:51

Description

Directory traversal vulnerability in json.php in TomatoCart 1.2.0 Alpha 2 and possibly earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter in a "3" action.