Description
PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter.
Remediation
References
Related Vulnerabilities
MediaWiki Incorrect Default Permissions Vulnerability (CVE-2011-4361)
Oracle Database Server CVE-2020-2512 Vulnerability (CVE-2020-2512)
e107 Other Vulnerability (CVE-2005-2805)
Oracle Database Server CVE-2006-0258 Vulnerability (CVE-2006-0258)
XWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-32729)