6.7 Medium
AI Score
Confidence
Low
0.098 Low
EPSS
Percentile
94.9%
Directory traversal vulnerability in json.php in TomatoCart 1.2.0 Alpha 2 and possibly earlier allows remote attackers to read arbitrary files via a … (dot dot) in the module parameter in a “3” action.
osvdb.org/80689
packetstormsecurity.org/files/111291/TomatoCart-1.2.0-Alpha-2-Local-File-Inclusion.html
www.mavitunasecurity.com/local-file-inclusion-vulnerability-in-tomatocart/
www.securityfocus.com/bid/52766
exchange.xforce.ibmcloud.com/vulnerabilities/74459