Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in cache.php in osCommerce before 2.2 Milestone 2 060817 allow remote attackers to determine existence of arbitrary files and disclose the installation path via a .. (dot dot) in unspecified parameters in the (1) tep_cache_also_purchased, (2) tep_cache_manufacturers_box, and (3) tep_cache_categories_box functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Milestone osCommerce 'cache.php'多个目录遍历漏洞
Vulnerability Description
osCommerce 2.2 Milestone 2 060817之前版本的cache.php脚本存在多个目录遍历漏洞,远程攻击者可借助(1) tep_cache_also_purchased,(2) tep_cache_manufacturers_box和 (3) tep_cache_categories_box函数中不明参数(该参数中包含..)来确定任意文件存在,并泄露安装路径。
CVSS Information
N/A
Vulnerability Type
N/A