Description

PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter.

Remediation

References

CVE-2002-2019

Related Vulnerabilities

WebLogic CVE-2021-2382 Vulnerability (CVE-2021-2382)

XWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-41932)

e107 Other Vulnerability (CVE-2005-4224)

WebLogic CVE-2024-21006 Vulnerability (CVE-2024-21006)

Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.17)

Severity

High

Classification

CVE-2002-2019 CWE-94

Tags

Missing Update Known Vulnerabilities