CVE-2004-0240 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2004-0240

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Directory traversal vulnerability in X-Cart 3.4.3 allows remote attackers to view arbitrary files via a .. (dot dot) in the shop_closed_file argument to auth.php.

Affected Software

Name	Vendor	Start Version	End Version
X-cart	Qualiteam	3.2.0	3.2.0
X-cart	Qualiteam	3.3.2	3.3.2
X-cart	Qualiteam	3.4.3	3.4.3
X-cart	Qualiteam	3.4.11	3.4.11
X-cart	Qualiteam	3.3.0	3.3.0
X-cart	Qualiteam	3.2.1	3.2.1
X-cart	Qualiteam	3.4.0	3.4.0

References

http://marc.info/?l=bugtraq\u0026m=107582648326448\u0026w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/15033