CVE-2007-4655

2007-09-0422:00:00

mitre

www.cve.org

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.9%

JSON

Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi.

References

jvn.jp/jp/JVN%2320452446/index.html

osvdb.org/40146

osvdb.org/40147

secunia.com/advisories/26614

www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20070823212803

www.securityfocus.com/bid/25500

exchange.xforce.ibmcloud.com/vulnerabilities/36389