CVEブラウザに戻る

CVE-2007-4655

MEDIUM

5.0

CVSS Severity Score

EPSS Score0.1520%

EPSS Percentile34.28th

Published2007年9月4日

Last Modified2026年4月23日

Vulnerability Description

Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi.

Affected Platforms (CPE)

📦

Cgi Rescue

Shopping Basket Professional

<= 7.51

References & Advisories

🔗 http://jvn.jp/jp/JVN%2320452446/index.html

🔗 http://osvdb.org/40146

🔗 http://osvdb.org/40147

🔗 http://secunia.com/advisories/26614

🔗 http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20070823212803

🔗 http://www.securityfocus.com/bid/25500

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/36389

🔗 http://jvn.jp/jp/JVN%2320452446/index.html

関連する脆弱性情報

CVE-2007-05657.5

CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via...

CVE-2007-158710.0

templates/config/mail.tpl in Tim Soderstrom StatsDawg 0.92 allows remote attackers to execute arbitrary programs by specifying the...

CVE-2007-182310.0

T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling N...

CVE-2007-195910.0

Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vector...