CVE-2017-17108

CRITICAL

KonaKart eCommerce <8.7 - Path Traversal

Title source: llm
STIX 2.1

Description

Path traversal vulnerability in the administrative panel in KonaKart eCommerce Platform version 8.7 and earlier could allow an attacker to download system files, as well as upload specially crafted JSP files and in turn gain access to the server.

References (1)

Core 1
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/541742/100/0/threaded

Scores

CVSS v3 9.8
EPSS 0.0220
EPSS Percentile 80.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (1)
konakart/konakart < 8.7.0.0
Published Feb 03, 2018
Tracked Since Feb 18, 2026