2 matches found
osCommerce update.php readme_file Parameter Arbitrary File Disclosure
The osCommerce installation on the remote host has a supplementary script, 'extras/update.php', that fails to validate user-supplied input to the 'readmefile' parameter before using that to display a file. An attacker can exploit this flaw to read arbitrary files on the remote host, such as the...
CVE-2005-2330
CVE-2005-2330 describes a directory-traversal flaw in osCommerce 2.2, specifically in the extras/update.php script. A remote attacker can exploit the readme_file parameter by using ".." sequences or a full pathname to read arbitrary files on the server. Impact is described as the ability to acces...