Description
Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter.
References (4)
Core 4
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38574
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/56358
Exploit x_refsource_misc
http://packetstormsecurity.org/1002-exploits/saskiashopsystem-lfi.txt
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/11433
Scores
EPSS
0.0130
EPSS Percentile
67.1%
Details
CWE
CWE-22
Status
published
Products (1)
saskia_bruckner/saskias_shopsystem
< beta1
Published
Mar 10, 2010
Tracked Since
Feb 18, 2026