Description
PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the include_file parameter to include_once.php.
Remediation
References
Related Vulnerabilities
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-12629)
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-30156)
WordPress Plugin Ivory Search-WordPress Search Cross-Site Scripting (4.6.6)
Grafana Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-13379)