Podatność CVE-2009-4321


Publikacja: 2009-12-14   Modyfikacja: 2012-02-13

Opis:
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Med.
Zen Cart local file disclosure vulnerability
Bogdan Calin
16.12.2009

Typ:

CWE-20

(Improper Input Validation)

Producent: Zen-cart
Produkt: Zen cart 
Wersje: 1.3.8a; 1.3.8;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
5/10
2.9/10
10/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Częściowy
Brak
Brak

 Referencje:
http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/
http://www.securityfocus.com/archive/1/508340/100/0/threaded
http://www.securityfocus.com/bid/37283
http://www.vupen.com/english/advisories/2009/3474
http://www.zen-cart.com/forum/showthread.php?t=142784
https://exchange.xforce.ibmcloud.com/vulnerabilities/54687

Podobne CVE
CVE-2015-8352
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.
CVE-2017-11675
The traverseStrictSanitize function in admin_dir/includes/classes/AdminRequestSanitizer.php in ZenCart 1.5.5e mishandles key strings, which allows remote authenticated users to execute arbitrary PHP code by placing that code into an invalid array ind...
CVE-2017-10667
In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS.
CVE-2017-8833
Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: 1.6.0 is not an official release but the vendor's README.md file offers a link to v160.zip with a description of "Download latest in-development version from github."
CVE-2011-4403
Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disab...
CVE-2015-0882
Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to...
CVE-2012-5808
The LinkPoint module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an a...
CVE-2012-5807
The Authorize.Net eCheck module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL serve...

Copyright 2019, cxsecurity.com

 

Back to Top