Описание
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) include/payment/payflow_pro.php, (2) global.php, or (3) libsecure.php, different vectors than CVE-2007-2070.
Уязвимые конфигурации
Конфигурация 1Версия до 4.0 (включая)
cpe:2.3:a:turnkey_web_tools:sunshop_shopping_cart:*:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04695
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) include/payment/payflow_pro.php, (2) global.php, or (3) libsecure.php, different vectors than CVE-2007-2070.
EPSS
Процентиль: 89%
0.04695
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other