PT-2023-27500 · Unknown · Welcart E-Commerce
Shogo Kumamaru
·
Published
2023-09-26
·
Updated
2023-09-28
·
CVE-2023-40532
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Welcart e-Commerce versions 2.7 to 2.8.21
Description
The issue allows a user with author or higher privilege to obtain partial information of the files on the web server due to a path traversal vulnerability.
Recommendations
For Welcart e-Commerce versions 2.7 to 2.8.21, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Welcart E-Commerce