VULHUB ™

Reportedly phpShop is affected by a remote PHP script execution vulnerability. This issue is due to improper validation of user-supplied variables passed to the application via URI, POST or COOKIE parameters. This issue is present whether or not the PHP Apache module is configured with 'register_globals' turned off or on. This issue would allow an attacker to execute arbitrary PHP scripts on an affected host; issuing commands to the underlying operating system with the privileges of the web server is possible.

Reportedly phpShop is affected by a remote PHP script execution vulnerability. This issue is due to improper validation of user-supplied variables passed to the application via URI, POST or COOKIE parameters. This issue is present whether or not the PHP Apache module is configured with 'register_globals' turned off or on. This issue would allow an attacker to execute arbitrary PHP scripts on an affected host; issuing commands to the underlying operating system with the privileges of the web server is possible.