CyberSec.Space Logo
Back to CVE Browser

CVE-2007-5364

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1450%
EPSS Percentile13.28th
PublishedOct 11, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Directory traversal vulnerability in payments/ideal_process.php in the iDEAL transaction handler in ViArt Shopping Cart allows remote attackers to have an unknown impact via directory traversal sequences in the filename parameter to the createCertFingerprint function. NOTE: this issue is disputed by CVE because PHP encounters a fatal function-call error on a direct request for payments/ideal_process.php

Affected Platforms (CPE)

πŸ“¦
Viart

Shopping Cart

All versions

References & Advisories

πŸ”— http://securityreason.com/securityalert/3212
πŸ”— http://www.securityfocus.com/archive/1/481658/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/481848
πŸ”— http://www.securityfocus.com/bid/25998
πŸ”— http://securityreason.com/securityalert/3212
πŸ”— http://www.securityfocus.com/archive/1/481658/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/481848
πŸ”— http://www.securityfocus.com/bid/25998

Related Vulnerabilities

CVE-2004-034810.0

SQL injection vulnerability in viewCart.asp in SpiderSales shopping cart software allows remote attackers to execute arbitrary SQL...

CVE-2007-412110.0

Multiple SQL injection vulnerabilities in admin.aspx in E-Commerce Scripts Shopping Cart Script, Multi-Vendor E-Shop Script, and A...

CVE-2000-025310.0

The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fiel...

CVE-2021-341659.8

A SQL Injection vulnerability in Sourcecodester Basic Shopping Cart 1.0 allows a remote attacker to Bypass Authentication and beco...