Vulnerabilities > CVE-2006-6533 - Input Validation vulnerability in Oscommerce 3.0A3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in admin/templates_boxes_layout.php in osCommerce 3.0a3 allows remote attackers to include and execute arbitrary PHP files via a .. (dot dot) in the filter parameter. NOTE: this issue can be leveraged to obtain full path information in error messages.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |