Back to search
CVE-2006-4298
Published: Aug 23, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple directory traversal vulnerabilities in cache.php in osCommerce before 2.2 Milestone 2 060817 allow remote attackers to determine existence of arbitrary files and disclose the installation path via a .. (dot dot) in unspecified parameters in the (1) tep_cache_also_purchased, (2) tep_cache_manufacturers_box, and (3) tep_cache_categories_box functions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.gulftech.org/?node=research&article_id=00110-08172006
x_refsource_MISC
http://forums.oscommerce.com/index.php?showtopic=223556&pid=918371
x_refsource_CONFIRM
oscommerce-cache-directory-traversal(28435)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now