CVE-2006-0922 - CubeCart 3.0 through 3.6 does not properly check authorization for an administration session because

CVE-2006-0922

Summary

CubeCart 3.0 through 3.6 does not properly check authorization for an administration session because of a missing auth.inc.php include, which results in an absolute path traversal vulnerability in FileUpload in connector.php (aka upload.php) that allows remote attackers to upload arbitrary files via a modified CurrentFolder parameter in a direct request to admin/filemanager/upload.php.

References

Vulnerable Configurations

cpe:2.3:a:devellion:cubecart:3.0.0_alpha:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.0_alpha:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.0_alpha-2:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.0_alpha-2:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.0_alpha-rgf:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.0_alpha-rgf:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.0_beta:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.0_beta:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.0_final:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.0_final:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:devellion:cubecart:3.0.6:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 18-10-2018 - 16:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:P/A:N

refmap via4

bid	16796
bugtraq	20060223 NSA Group Security Advisory NSAG-¹197-23.02.2006 Vulnerability CubeCart 3.0.0 ? 3.0.6
confirm	http://www.cubecart.com/site/forums/index.php?showtopic=14704
misc	http://www.cubecart.com/site/forums/index.php?showtopic=14817 http://www.cubecart.com/site/forums/index.php?showtopic=14825 http://www.cubecart.com/site/forums/index.php?showtopic=14960 http://www.cubecart.com/site/forums/index.php?showtopic=14972 http://www.nsag.ru/vuln/892.html
sreason	482
xf	cubecart-connector-file-include(24883)

Last major update

18-10-2018 - 16:29

Published

28-02-2006 - 11:02

Last modified

18-10-2018 - 16:29