Squirrelcart: PHP code inclusion attempt
Description
Using the cart_content.php and a specially crafted cart_isp_root parameter, an attacker could include and execute arbitrary PHP code on the server.
Default
configuration
Profiles
High
Medium
Low
Internet
Action
Block
Block
Block
Block
Alarm Level
Major
Minor
Minor
Major
References
URL:
http://www.frsirt.com/english/advisories/2006/1818
Available since
ASQ v3.2.0
Protects
Squirrelcart "cart_isp_root" Variable Handling Remote File Inclusion Vulnerability
100 last CVE
CVE-2006-2483
Risk level
Moderate
