4 matches found
Immunity Canvas: CPCOMMERCE_RFI
Name| cpcommercerfi ---|--- CVE| CVE-2009-1936 Exploit Pack| CANVAS Description| cpCommerce 1.2.x Remote File Include Notes| CVE Name: CVE-2009-1936 VENDOR: cpCommerce Repeatability: Infinite CVE Url: https://vulners.com/cve/CVE-2009-1936 References: 'http://www.securityfocus.com/bid/35103' CVSS:...
CVE-2009-1936
functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP code, or read arbitrar...
CVE-2009-1936
The CVE-2009-1936 entry concerns cpCommerce 1.2.x (possibly including 1.2.9) and related variants. The root cause is in _functions.php: when called directly, a redirect is issued but not exited, allowing bypass of a protection mechanism that enables remote file inclusion and directory traversal v...
CVE-2009-1936
creationtimestamp| type| source ---|---|--- 2009-05-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8790 2024-01-26 21:16:23+00:00| seen| https://t.me/ctinow/174479...