CVE-2007-5364
ViArt Shopping Cart - Path Traversal via iDEAL Transaction Handler Filename Parameter
Title source: llmDescription
Directory traversal vulnerability in payments/ideal_process.php in the iDEAL transaction handler in ViArt Shopping Cart allows remote attackers to have an unknown impact via directory traversal sequences in the filename parameter to the createCertFingerprint function. NOTE: this issue is disputed by CVE because PHP encounters a fatal function-call error on a direct request for payments/ideal_process.php
References (4)
Core 4
Core References
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3212
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/481658/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25998
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/481848
Scores
EPSS
0.0238
EPSS Percentile
81.9%
Details
CWE
CWE-22
Status
published
Products (1)
viart/shopping_cart
Published
Oct 11, 2007
Tracked Since
Feb 18, 2026