PHP remote file inclusion vulnerability in popup_window.php in Squirrelcart 1.x.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site_isp_root parameter, probably related to cart.php.
CPE | Name | Operator | Version |
---|---|---|---|
squirrelcart | le | 1.6.3 |