JVN#96312698: osCommerce Japanese version vulnerable to directory traversal

2015-06-25T00:00:00
ID JVN:96312698
Type jvn
Reporter Japan Vulnerability Notes
Modified 2015-06-25T00:00:00

Description

## Description

osCommerce is an open source system for creating shopping websites. osCommerce Japanese version contains a directory traversal vulnerability.

## Impact

A user who can log in to the system as an administrator may obtain arbitrary files on the server.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.

## Products Affected

  • oscommerce-2.2ms1j-R8 and earlier