2 matches found
CVE-2004-2021
The CVE-2004-2021 issue concerns osCommerce 2.2 and its File Manager (file_manager.php). Multiple connected sources (OpenVAS NASLs and PT-Security) describe a directory traversal vulnerability that lets an attacker include a .. in the filename parameter to read arbitrary files on the web server, ...
CVE-2004-2021
Directory traversal vulnerability in filemanager.php in osCommerce 2.2 allows remote attackers to view arbitrary files via a .. dot dot in the filename argument...