CVE-2006-0922

Sažetak

CubeCart 3.0 through 3.6 does not properly check authorization for an administration session because of a missing auth.inc.php include, which results in an absolute path traversal vulnerability in FileUpload in connector.php (aka upload.php) that allows remote attackers to upload arbitrary files via a modified CurrentFolder parameter in a direct request to admin/filemanager/upload.php.

Reference

http://securityreason.com/securityalert/482
http://www.cubecart.com/site/forums/index.php?showtopic=14704
http://www.cubecart.com/site/forums/index.php?showtopic=14817
http://www.cubecart.com/site/forums/index.php?showtopic=14825
http://www.cubecart.com/site/forums/index.php?showtopic=14960
http://www.cubecart.com/site/forums/index.php?showtopic=14972
http://www.nsag.ru/vuln/892.html
http://www.securityfocus.com/archive/1/425931/100/0/threaded
http://www.securityfocus.com/bid/16796
https://exchange.xforce.ibmcloud.com/vulnerabilities/24883

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

18-10-2018 - 16:29

Objavljeno

28-02-2006 - 11:02