Description
Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the download parameter.
Exploits (1)
References (2)
Core 2
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/14479
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=112327874920062&w=2
Scores
EPSS
0.0305
EPSS Percentile
86.8%
Details
Status
published
Products (1)
comdev/comdev_ecommerce
3.0
Published
Aug 10, 2005
Tracked Since
Feb 18, 2026