Lucene search

[email protected]NVD:CVE-2007-5364

HistoryOct 11, 2007 - 1:17 a.m.

CVE-2007-5364

2007-10-1101:17:00

CWE-22

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.7%

JSON

Directory traversal vulnerability in payments/ideal_process.php in the iDEAL transaction handler in ViArt Shopping Cart allows remote attackers to have an unknown impact via directory traversal sequences in the filename parameter to the createCertFingerprint function. NOTE: this issue is disputed by CVE because PHP encounters a fatal function-call error on a direct request for payments/ideal_process.php

Affected configurations

NVD

Node

viartshopping_cart

References

securityreason.com/securityalert/3212

www.securityfocus.com/archive/1/481658/100/0/threaded

www.securityfocus.com/archive/1/481848

www.securityfocus.com/bid/25998

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.7%

JSON

Related for NVD:CVE-2007-5364

cvelist2 cve2 prion2 nvd1