Comdev eCommerce ‘WCE.Download.PHP’ Directory Traversal Vulnerability


Vulnerability ID: 1108972 | Vulnerability type: Path traversal
Published: 2005-08-05 | Updated: 2005-10-20
CVE ID: CVE-2005-2543
CNNVD-ID: CNNVD-200508-093
Platform: PHP | CVSS score: 5.0
|Vulnerability source
https://www.exploit-db.com/exploits/26080
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200508-093
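|Vulnerability details
wce.download.php in Comdev eCommerce 3.0 has a directory traversal vulnerability. This allows remote attackers to download arbitrary files via a .. sequence in the download parameter (the parameter value contains '..').
|Exploit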
source: http://www.securityfocus.com/bid/14479/info

Comdev eCommerce is prone to a directory traversal vulnerability.

A remote unauthorized user can disclose the contents of arbitrary local files through the use of directory traversal strings '../' relative to the Web application's root path. Exploitation of this vulnerability could lead to a loss of confidentiality.

http://www.vulnerable.com/oneadmin/faqsupport/wce.download.php?download=../../config.php
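
A defender-side check for the request pattern above, added here as an example and not part of the original advisory or of Comdev's code: it scans web access logs for requests to wce.download.php whose download parameter, once percent-decoding is undone, contains a '..' path segment. The log lines are constructed samples, and the helper names (normalize, is_traversal, scan) are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

TARGET = "wce.download.php"   # script named in the advisory
PARAM = "download"            # parameter named in the advisory

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [05/Aug/2005:10:01:02 +0000] "GET /oneadmin/faqsupport/wce.download.php?download=manual.pdf HTTP/1.1" 200 5120',
    '203.0.113.9 - - [05/Aug/2005:10:02:10 +0000] "GET /oneadmin/faqsupport/wce.download.php?download=../../config.php HTTP/1.1" 200 812',
    '203.0.113.9 - - [05/Aug/2005:10:02:15 +0000] "GET /oneadmin/faqsupport/wce.download.php?download=%2e%2e%2fconfig.php HTTP/1.1" 200 812',
    '203.0.113.9 - - [05/Aug/2005:10:02:19 +0000] "GET /oneadmin/faqsupport/wce.download.php?download=%252e%252e%255cconfig.php HTTP/1.1" 404 0',
    '198.51.100.7 - - [05/Aug/2005:10:03:00 +0000] "GET /index.php?page=../about HTTP/1.1" 200 100',
]

REQ = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def normalize(value, max_rounds=3):
    """Undo repeated percent-encoding and unify separators before matching."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def is_traversal(value):
    """True when any path segment of the normalized value is '..'."""
    return ".." in normalize(value).split("/")

def scan(lines):
    """Return (client_ip, normalized_value) for suspicious download requests."""
    hits = []
    for line in lines:
        m = REQ.match(line)
        if not m:
            continue
        ip, target = m.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith("/" + TARGET):
            continue  # only the script named in the advisory is of interest
        for value in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
            if is_traversal(value):
                hits.append((ip, normalize(value)))
    return hits

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(ip, value)
```

Matching on whole path segments rather than the substring '..' keeps legitimate file names that merely contain two dots from being flagged.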
|References

Source: BID
Name: 14479
Link: http://www.securityfocus.com/bid/14479
Source: BUGTRAQ
Name: 20050805 Comdev eCommerce wce.download.php Download Vulnerability
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=112327874920062&w=2
