2 matches found
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the abspath parameter to 1 include/payment/payflowpro.php, 2 global.php, or 3 libsecure.php, different vectors than CVE-2007-2070...
CVE-2007-2070
Turnkey Web Tools SunShop Shopping Cart is affected by CVE-2007-2070 due to multiple PHP remote file inclusion vulnerabilities. The flaw allows an attacker to trigger arbitrary PHP code execution by supplying a crafted URL in the abs_path parameter to index.php or checkout.php. The issue affects ...