Cpcommerce Project Cpcommerce 1.2.0

CPE Details

Cpcommerce Project Cpcommerce 1.2.0
cpcommerce_project
cpcommerce
1.2.0
2023-12-29
09h15 +00:00
2023-12-29
09h15 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:cpcommerce_project:cpcommerce:1.2.0:*:*:*:*:*:*:*

Informations

Vendor

cpcommerce_project

Product

cpcommerce

Version

1.2.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2009-1936 2009-06-05 16h13 +00:00 _functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP code, or read arbitrary files via the GLOBALS[prefix] parameter, a different vector than CVE-2003-1500.
9.8
Critique