PHP Remote File Inclusion Vulnerability in CS-Cart by CS-Cart
CVE-2006-2863

Currently unrated

Key Information:

Vendor

Cs-cart

Status
Cs-cart
Vendor
CVE Published:
6 June 2006

What is CVE-2006-2863?

A remote file inclusion vulnerability exists in the class.cs_phpmailer.php file of CS-Cart version 1.3.3. This security issue allows attackers to exploit the 'classes_dir' parameter to include arbitrary PHP files from remote locations, potentially executing malicious code on the server. Successful exploitation can compromise the integrity of the application and lead to unauthorized access to sensitive data.

References

http://www.vupen.com/english/advisories/2006/2125
vdb-entryx_refsource_VUPEN
http://www.attrition.org/pipermail/vim/2006-June/000824.html
mailing-listx_refsource_VIM
https://exchange.xforce.ibmcloud.com/vulnerabilities/26911
vdb-entryx_refsource_XF

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.