CVE-2007-4907
CVE-2007-4907 documents multiple PHP remote file inclusion vulnerabilities in X-Cart . An attacker can exploit the flaw by supplying a URL in the xcart_dir parameter to any of six PHP entry points: (1) config.php, (2) prepare.php, (3) smarty.php, (4) customer/product.php, (5) provider/auth.php, a...