Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Prion
Prionadded 2009/06/05 6:30 p.m.16 views

Directory traversal

functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP code, or read arbitrar...

6.8CVSS7.7AI score0.08071EPSS
Exploits2References3Affected Software1
canvas
canvasadded 2009/06/05 6:30 p.m.51 views

Immunity Canvas: CPCOMMERCE_RFI

Name| cpcommercerfi ---|--- CVE| CVE-2009-1936 Exploit Pack| CANVAS Description| cpCommerce 1.2.x Remote File Include Notes| CVE Name: CVE-2009-1936 VENDOR: cpCommerce Repeatability: Infinite CVE Url: https://vulners.com/cve/CVE-2009-1936 References: 'http://www.securityfocus.com/bid/35103' CVSS:...

6.8CVSS9.8AI score0.08071EPSS
Exploits2
Exploit DB
Exploit DBadded 2009/05/26 12:0 a.m.39 views

CPCommerce 1.2.x - 'GLOBALS[prefix]' Arbitrary File Inclusion

!/usr/bin/perl cpCommerce 1.2.x GLOBALSprefix Arbitrary File Inclusion Exploit by staker mail: stakerathotmaildotit url: http://cpcommerce.cpradio.org it works with registerglobals=on if you wanna carry out a LFI - mq=off short explanation: cpCommerce contains one flaw that allows an attacker to...

7AI score
Exploits0
Rows per page
Query Builder