Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop Classic 3.01, and CaupoShop Pro 3.70 and earlier allows remote attackers to read arbitrary files via a … (dot dot) in the template parameter in a template action.
CPE | Name | Operator | Version |
---|---|---|---|
cauposhop_classic | eq | 3.01 | |
cauposhop_pro | eq | 2.0 | |
cauposhop_pro | le | 3.70 | |
cauposhop_pro | eq | 2.1 |