Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1500

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2003-1500
Last Modified 05 Sep 2008 04:37:06
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-1500

Summary

PHP remote file inclusion vulnerability in _functions.php in cpCommerce 0.5f allows remote attackers to execute arbitrary code via the prefix parameter.

Vulnerable Systems

Application

  • Cpcommerce 0.5f


References

XF - cpCommerce-functionsphp-file-include(13457)

BID - 8851

BUGTRAQ - 20031019 ZH2003-31SA (security advisory): file inclusion vulnerability in cpCommerce

MISC - http://www.securiteam.com/unixfocus/6H00E2K8KG.html

CONFIRM - http://cpcommerce.org/forums/index.php?board=2;action=display;threadid=864

SREASON - 3301


Last Updated: 27 May 2016 10:38:23