CVE-2006-4218

Exploit

EPSS 1.4%
Published 17.08.2006 23:04:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Directory traversal vulnerability in Zen Cart 1.3.0.2 and earlier allows remote attackers to include and possibly execute arbitrary local files via directory traversal sequences in the typefilter parameter.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Zen Cart ≫ Zen Cart Version1.2.0d

Zen Cart ≫ Zen Cart Version1.2.1_patch1

Zen Cart ≫ Zen Cart Version1.2.1d

Zen Cart ≫ Zen Cart Version1.2.2d

Zen Cart ≫ Zen Cart Version1.2.3d

Zen Cart ≫ Zen Cart Version1.2.4.1

Zen Cart ≫ Zen Cart Version1.2.4d

Zen Cart ≫ Zen Cart Version1.2.5d

Zen Cart ≫ Zen Cart Version1.2.6d

Zen Cart ≫ Zen Cart Version1.3.0.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.4%	0.797

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/21484

Patch

Vendor Advisory

http://www.gulftech.org/?node=research&article_id=00109-08152006

Exploit

http://www.vupen.com/english/advisories/2006/3283

http://www.securityfocus.com/bid/19543

https://exchange.xforce.ibmcloud.com/vulnerabilities/28395

https://nvd.nist.gov/vuln/detail/CVE-2006-4218

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4218

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4218

EUVD