CVE-2007-1126

Directory traversal vulnerability in index.php in xtcommerce allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:xt-commerce:xt-commerce:*:*:*:*:*:*:*:*
cpe:2.3:a:xt-commerce:xt-commerce:2.0:rc1.2:*:*:*:*:*:*

History

21 Nov 2024, 00:27

Type Values Removed Values Added
References () http://osvdb.org/33758 - Broken Link () http://osvdb.org/33758 - Broken Link
References () http://secunia.com/advisories/24301 - Broken Link () http://secunia.com/advisories/24301 - Broken Link
References () http://securityreason.com/securityalert/2294 - Third Party Advisory () http://securityreason.com/securityalert/2294 - Third Party Advisory
References () http://www.securityfocus.com/archive/1/461073/100/0/threaded - Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/461073/100/0/threaded - Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/22698 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/22698 - Third Party Advisory, VDB Entry
References () http://www.vupen.com/english/advisories/2007/0746 - Broken Link () http://www.vupen.com/english/advisories/2007/0746 - Broken Link
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/32656 - VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/32656 - VDB Entry

19 Mar 2024, 17:46

Type Values Removed Values Added
References () http://osvdb.org/33758 - () http://osvdb.org/33758 - Broken Link
References () http://secunia.com/advisories/24301 - () http://secunia.com/advisories/24301 - Broken Link
References () http://securityreason.com/securityalert/2294 - () http://securityreason.com/securityalert/2294 - Third Party Advisory
References () http://www.securityfocus.com/archive/1/461073/100/0/threaded - () http://www.securityfocus.com/archive/1/461073/100/0/threaded - Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/22698 - () http://www.securityfocus.com/bid/22698 - Third Party Advisory, VDB Entry
References () http://www.vupen.com/english/advisories/2007/0746 - () http://www.vupen.com/english/advisories/2007/0746 - Broken Link
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/32656 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/32656 - VDB Entry
CPE cpe:2.3:a:xt-commerce:xt-commerce_community_made_shopping:*:rc_1.2:*:*:*:*:*:* cpe:2.3:a:xt-commerce:xt-commerce:*:*:*:*:*:*:*:*
cpe:2.3:a:xt-commerce:xt-commerce:2.0:rc1.2:*:*:*:*:*:*
CWE NVD-CWE-Other CWE-22
First Time Xt-commerce xt-commerce

Information

Published : 2007-02-27 02:28

Updated : 2024-11-21 00:27


NVD link : CVE-2007-1126

Mitre link : CVE-2007-1126

CVE.ORG link : CVE-2007-1126


JSON object : View

Products Affected

xt-commerce

  • xt-commerce
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')