VULHUB ™

cpCommerce may allow remote users to influence the include path for PHP scripts. This could be exploited to include a malicious script that is hosted on an attacker-controlled server, allowing for execution of arbitrary code in the context of the web server.

cpCommerce may allow remote users to influence the include path for PHP scripts. This could be exploited to include a malicious script that is hosted on an attacker-controlled server, allowing for execution of arbitrary code in the context of the web server.