1. Home
  2. CVE Database
  3. CVE-2006-3488
MEDIUM · 5.0

CVE-2006-3488

Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with Windows drive letter in ...

Vulnerability Description

Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with Windows drive letter in the Pasta parameter when link=util, acao=ftp, and acaba=sim.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
VirtuastoreVirtuastore2.0

References

FAQ

What is CVE-2006-3488?

CVE-2006-3488 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with Windows drive letter in ...

How severe is CVE-2006-3488?

CVE-2006-3488 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-3488?

Check the references section above for vendor advisories and patch information. Affected products include: Virtuastore Virtuastore.