2 matches found
SmartISoft phpBazar Remote Code Execution (CVE-2010-2315)
A remote code execution vulnerability exists in SmartISoft phpbazar. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2010-2315
The CVE-2010-2315 entry describes a PHP remote file inclusion vulnerability in SmartISoft phpBazar 2.1.1, specifically in picturelib.php where an attacker can trigger arbitrary PHP code execution by supplying a URL in the cat parameter. The underlying issue is improper validation/sanitation of th...