CVE-2007-4655

CGI RESCUE Shopping Basket Pro <7.51 - Path Traversal

Title source: llm
STIX 2.1

Description

Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi.

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/40147
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/jp/JVN%2320452446/index.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36389
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/40146
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26614
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25500

Scores

EPSS 0.0184
EPSS Percentile 76.4%

Details

CWE
CWE-200 CWE-22
Status published
Products (1)
cgi-rescue/shopping_basket_professional < 7.51
Published Sep 04, 2007
Tracked Since Feb 18, 2026