CVE-2004-0293

ShopCartCGI 2.3 - Directory Traversal via gotopage.cgi or genindexpage.cgi

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2004-0293. PoCs published by G00db0y.

AI-analyzed exploit summary The provided text describes a directory traversal vulnerability in ShopcartCGI, allowing remote file disclosure via insufficient input validation. The example URL demonstrates accessing '/etc/passwd' through path traversal sequences.

Description

Directory traversal vulnerability in ShopCartCGI 2.3 allows remote attackers to retrieve arbitrary files via a .. (dot dot) in a HTTP request to (1) gotopage.cgi or (2) genindexpage.cgi.

Exploits (2)

exploitdb WRITEUP VERIFIED
by G00db0y · textwebappscgi
https://www.exploit-db.com/exploits/23706

The provided text describes a directory traversal vulnerability in ShopcartCGI, allowing remote file disclosure via insufficient input validation. The example URL demonstrates accessing '/etc/passwd' through path traversal sequences.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: ShopcartCGI (version unspecified)
No auth needed
Prerequisites: Network access to the vulnerable CGI script
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by G00db0y · textwebappscgi
https://www.exploit-db.com/exploits/23705

The exploit describes a directory traversal vulnerability in ShopcartCGI, allowing remote file disclosure via insufficient input validation. The provided URL demonstrates accessing '/etc/passwd' through path traversal sequences.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: ShopcartCGI (version unspecified)
No auth needed
Prerequisites: Network access to the vulnerable ShopcartCGI instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/14982
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9670
Various Sources x_refsource_misc
http://www.zone-h.org/en/advisories/read/id=3962/
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107703602707450&w=2

Scores

EPSS 0.0795
EPSS Percentile 94.0%

Details

Status published
Products (1)
shopcartcgi/shopcartcgi 2.3
Published Nov 23, 2004
Tracked Since Feb 18, 2026