2 matches found
CVE-2006-0854
CVE-2006-0854 describes a PHP remote file inclusion in Intensive Point iUser Ecommerce. The vulnerability arises because common.php uses the include_path without initialization, allowing an attacker to include arbitrary files via a URL. Per NVD, the CVSS v2 base score is 7.5 (HIGH). The connected...
CVE-2006-0874
CVE-2006-0874 relates to Intensive Point iUser Ecommerce prior to 2.2, with multiple unspecified vulnerabilities addressed by urgent fixes. Connected sources provide concrete detail for CVE-2006-0854 (a likely related entry): PHP remote file inclusion in common.php that lets remote attackers incl...