CVE-2010-0957

Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
Common Weakness Enumeration
References
http://packetstormsecurity.org/1002-exploits/saskiashopsystem-lfi.txt
http://www.exploit-db.com/exploits/11433
http://www.securityfocus.com/bid/38574
https://exchange.xforce.ibmcloud.com/vulnerabilities/56358
http://packetstormsecurity.org/1002-exploits/saskiashopsystem-lfi.txt
http://www.exploit-db.com/exploits/11433
http://www.securityfocus.com/bid/38574
https://exchange.xforce.ibmcloud.com/vulnerabilities/56358