Comdev eCommerce ‘WCE.Download.PHP’ 目录遍历漏洞-安全小百科

Comdev eCommerce ‘WCE.Download.PHP’ 目录遍历漏洞

漏洞ID	1108972	漏洞类型	路径遍历
发布时间	2005-08-05	更新时间	2005-10-20
CVE编号	CVE-2005-2543	CNNVD-ID	CNNVD-200508-093
漏洞平台	PHP	CVSS评分	5.0

|漏洞来源

https://www.exploit-db.com/exploits/26080
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200508-093

|漏洞详情

ComdeveCommerce3.0中的wce.download.php存在目录遍历漏洞。这使得远程攻击者可以借助于下载参数中的..(参数值包含’..’)下载任意文件。

|漏洞EXP

source: http://www.securityfocus.com/bid/14479/info

Comdev eCommerce is prone to a directory traversal vulnerability.

A remote unauthorized user can disclose the contents of arbitrary local files through the use of directory traversal strings '../' relative to the Web application's root path. Exploitation of this vulnerability could lead to a loss of confidentiality.

http://www.vulnerable.com/oneadmin/faqsupport/wce.download.php?download=../../config.php

|参考资料

来源:BID
名称:14479
链接:http://www.securityfocus.com/bid/14479
来源:BUGTRAQ
名称:20050805ComdeveCommercewce.download.phpDownloadVulnerability
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=112327874920062&w;=2

相关推荐: EZ Server Long Argument Local Denial Of Service Vulnerability

EZ Server Long Argument Local Denial Of Service Vulnerability 漏洞ID 1100519 漏洞类型 Boundary Condition Error 发布时间 2003-03-31 更新时间 2003…

文章版权归作者所有，未经允许请勿转载。

THE END