In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.exploit-db.com/exploits/47315 | |
https://zerodays.lol/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-09T01:00:56
Updated: 2024-08-05T01:10:41.095Z
Reserved: 2019-09-08T00:00:00
Link: CVE-2019-16123
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-09-09T02:15:10.267
Modified: 2024-02-14T01:17:43.863
Link: CVE-2019-16123
Redhat
No data.