TomatoCart 'json.php' Security Bypass Vulnerability

TomatoCart is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security restrictions and create files with arbitrary shell script which may aid in further attacks.

TomatoCart versions 1.1.5 and 1.1.8 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus