
CVE-2007-3936

Published: 21/07/2007 Updated: 29/09/2017
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 645
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Summary

Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0.70 and previous versions, and possibly 0.71, allows remote malicious users to delete arbitrary files via unspecified filename references in the delfiles parameter.

Vulnerable Product

a-shop a-shop

Exploits

A-shop <=0.70 Multiple vulnerabilities
Found Bug: Timq
site: private-node.net
email: timq@hushmail.com
Vendor: www.rammdev.com/ashop/
PoC: site.com/admin/filebrowser.asp?folder=products&delfiles=[del any file on server]
It is possible to delete not only the files in the folders listed, but also outside its directory Al ...