MidnightBSD

Advisories for caupo

CVE-2011-4832 HIGH

Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop Classic 3.01, and CaupoShop Pro 3.70 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter in a template action.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
caupo cauposhop_pro 2.0
caupo cauposhop_classic 3.01
caupo cauposhop_pro *
caupo cauposhop_pro 2.1