CVE-2004-2010

2005-05-1004:00:00

mitre

www.cve.org

7.6 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.5%

JSON

PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and earlier allows remote attackers to execute arbitrary PHP code by modifying the base_dir parameter to reference a URL on a remote web server that contains phpshop.cfg.

References

marc.info/?l=bugtraq&m=108420702317870&w=2

secunia.com/advisories/11587

www.fribble.net/advisories/phpshop_29-04-04.txt

www.securityfocus.com/bid/10313

exchange.xforce.ibmcloud.com/vulnerabilities/16107