PHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) index.php and (2) checkout.php.
References
Configurations
History
21 Nov 2024, 00:41
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/28424 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/27231 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/39616 - | |
References | () https://www.exploit-db.com/exploits/4889 - |
Information
Published : 2008-01-16 02:00
Updated : 2024-11-21 00:41
NVD link : CVE-2008-0287
Mitre link : CVE-2008-0287
CVE.ORG link : CVE-2008-0287
JSON object : View
Products Affected
visionburst
- vcart
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')