Path Traversal Vulnerability in KonaKart eCommerce Platform Allows Unauthorized File Access and Server Compromise

Path Traversal Vulnerability in KonaKart eCommerce Platform Allows Unauthorized File Access and Server Compromise

CVE-2017-17108 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Path traversal vulnerability in the administrative panel in KonaKart eCommerce Platform version 8.7 and earlier could allow an attacker to download system files, as well as upload specially crafted JSP files and in turn gain access to the server.

Learn more about our Cis Benchmark Audit For Server Software.