CVE-2015-3301 in TheCartPress eCommerce Shopping Cartinformação

Sumário

de MITRE

Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote administrators to read arbitrary files via a .. (dot dot) in the tcp_box_path parameter in the checkout_editor_settings page to wp-admin/admin.php.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

13/04/2015

Divulgação

14/05/2015

Moderação

aceite

Entrada

VDB-75398

CPE

pronto

CWE

CWE-22 (confirmado)

Exploração

Descarregar

CVSS

4.0 (NVD)

EPSS

0.09101

KEV

não

Atividades

muito baixo

Sector

Transportation, Telecommunication, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-3301
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-3301
CVE Details	https://www.cvedetails.com/cve/CVE-2015-3301/

◂ Voltar Visão Geral Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!