Lucene search
K

4 matches found

canvas
canvas
added 2009/06/05 6:30 p.m.53 views

Immunity Canvas: CPCOMMERCE_RFI

Name| cpcommercerfi ---|--- CVE| CVE-2009-1936 Exploit Pack| CANVAS Description| cpCommerce 1.2.x Remote File Include Notes| CVE Name: CVE-2009-1936 VENDOR: cpCommerce Repeatability: Infinite CVE Url: https://vulners.com/cve/CVE-2009-1936 References: 'http://www.securityfocus.com/bid/35103' CVSS:...

6.8CVSS9.8AI score0.42223EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2009/06/05 6:13 p.m.8 views

CVE-2009-1936

functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP code, or read arbitrar...

9.8AI score0.42223EPSS
Exploits2References3
CVE
CVE
added 2009/06/05 6:13 p.m.110 views

CVE-2009-1936

The CVE-2009-1936 entry concerns cpCommerce 1.2.x (possibly including 1.2.9) and related variants. The root cause is in _functions.php: when called directly, a redirect is issued but not exited, allowing bypass of a protection mechanism that enables remote file inclusion and directory traversal v...

9.8CVSS9.7AI score0.42223EPSS
Exploits2References3Affected Software1
Circl
Circl
added 2009/05/26 12:0 a.m.5 views

CVE-2009-1936

creationtimestamp| type| source ---|---|--- 2009-05-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8790 2024-01-26 21:16:23+00:00| seen| https://t.me/ctinow/174479...

9.8CVSS7.3AI score0.42223EPSS
Exploits2References2
Rows per page
Query Builder