Lucene search
HistoryAug 17, 2006 - 11:04 p.m.
CVE-2006-4218
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.006
Percentile
79.5%
Directory traversal vulnerability in Zen Cart 1.3.0.2 and earlier allows remote attackers to include and possibly execute arbitrary local files via directory traversal sequences in the typefilter parameter.
Affected configurations
Node
zen_cartzen_cartMatch1.2.0d
ORzen_cartzen_cartMatch1.2.1_patch1
ORzen_cartzen_cartMatch1.2.1d
ORzen_cartzen_cartMatch1.2.2d
ORzen_cartzen_cartMatch1.2.3d
ORzen_cartzen_cartMatch1.2.4.1
ORzen_cartzen_cartMatch1.2.4d
ORzen_cartzen_cartMatch1.2.5d
ORzen_cartzen_cartMatch1.2.6d
ORzen_cartzen_cartMatch1.3.0.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zen_cart | zen_cart | 1.2.0d | cpe:2.3:a:zen_cart:zen_cart:1.2.0d:*:*:*:*:*:*:* |
| zen_cart | zen_cart | 1.2.1_patch1 | cpe:2.3:a:zen_cart:zen_cart:1.2.1_patch1:*:*:*:*:*:*:* |
| zen_cart | zen_cart | 1.2.1d | cpe:2.3:a:zen_cart:zen_cart:1.2.1d:*:*:*:*:*:*:* |
| zen_cart | zen_cart | 1.2.2d | cpe:2.3:a:zen_cart:zen_cart:1.2.2d:*:*:*:*:*:*:* |
| zen_cart | zen_cart | 1.2.3d | cpe:2.3:a:zen_cart:zen_cart:1.2.3d:*:*:*:*:*:*:* |
| zen_cart | zen_cart | 1.2.4.1 | cpe:2.3:a:zen_cart:zen_cart:1.2.4.1:*:*:*:*:*:*:* |
| zen_cart | zen_cart | 1.2.4d | cpe:2.3:a:zen_cart:zen_cart:1.2.4d:*:*:*:*:*:*:* |
| zen_cart | zen_cart | 1.2.5d | cpe:2.3:a:zen_cart:zen_cart:1.2.5d:*:*:*:*:*:*:* |
| zen_cart | zen_cart | 1.2.6d | cpe:2.3:a:zen_cart:zen_cart:1.2.6d:*:*:*:*:*:*:* |
| zen_cart | zen_cart | 1.3.0.2 | cpe:2.3:a:zen_cart:zen_cart:1.3.0.2:*:*:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.006
Percentile
79.5%
Related for NVD:CVE-2006-4218