Lucene search

[email protected]CVE-2003-1500

HistoryOct 25, 2007 - 7:00 p.m.

CVE-2003-1500

2007-10-2519:00:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2003-1500

php

remote file inclusion

cpcommerce

code execution

9.8 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.083 Low

EPSS

Percentile

94.4%

JSON

PHP remote file inclusion vulnerability in _functions.php in cpCommerce 0.5f allows remote attackers to execute arbitrary code via the prefix parameter.

Affected configurations

NVD

Node

cpcommercecpcommerceMatch0.5f

CPENameOperatorVersion
cpcommerce:cpcommercecpcommerceeq0.5f

CPE	Name	Operator	Version
cpcommerce:cpcommerce	cpcommerce	eq	0.5f

References

cpcommerce.org/forums/index.php?board=2%3Baction=display%3Bthreadid=864

securityreason.com/securityalert/3301

www.securiteam.com/unixfocus/6H00E2K8KG.html

www.securityfocus.com/archive/1/341757

www.securityfocus.com/bid/8851

exchange.xforce.ibmcloud.com/vulnerabilities/13457

9.8 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.083 Low

EPSS

Percentile

94.4%

JSON

Related for CVE-2003-1500

nvd2 cvelist2 prion1 cve1