Remote file inclusion

2006-05-1923:02:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.6%

JSON

PHP remote file inclusion vulnerability in cart_content.php in Squirrelcart 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cart_isp_root parameter.

CPENameOperatorVersion
squirrelcarteq2.2.2
squirrelcarteq1.6
squirrelcarteq1.5.5

Name	Operator	Version
squirrelcart	eq	2.2.2
squirrelcart	eq	1.6
squirrelcart	eq	1.5.5

References

secunia.com/advisories/20121

www.ldev.com/forums/showthread.php?p=9976

www.osvdb.org/25523

www.securityfocus.com/bid/17992

www.vupen.com/english/advisories/2006/1818

exchange.xforce.ibmcloud.com/vulnerabilities/26443

www.exploit-db.com/exploits/1790