PHP remote file inclusion vulnerability in install.php in CS-Cart 1.3.3 allows remote attackers to execute arbitrary PHP code via a URL in the install_dir parameter. NOTE: CVE and third parties dispute this vulnerability because install_dir is defined before use
References
Configurations
History
21 Nov 2024, 00:25
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/31277 - | |
References | () http://www.attrition.org/pipermail/vim/2007-January/001223.html - | |
References | () http://www.securityfocus.com/archive/1/456527/100/0/threaded - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/31408 - |
07 Nov 2023, 02:00
Type | Values Removed | Values Added |
---|---|---|
Summary | PHP remote file inclusion vulnerability in install.php in CS-Cart 1.3.3 allows remote attackers to execute arbitrary PHP code via a URL in the install_dir parameter. NOTE: CVE and third parties dispute this vulnerability because install_dir is defined before use |
Information
Published : 2007-01-13 02:28
Updated : 2024-11-21 00:25
NVD link : CVE-2007-0230
Mitre link : CVE-2007-0230
CVE.ORG link : CVE-2007-0230
JSON object : View
Products Affected
cs-cart
- cs-cart
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')