CVE-2007-2070

Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart before 3.5.1 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) index.php or (2) checkout.php.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:turnkey_web_tools:sunshop_shopping_cart:3.5:*:*:*:*:*:*:*
cpe:2.3:a:turnkey_web_tools:sunshop_shopping_cart:*:*:*:*:*:*:*:*

Information

Published : 2007-04-17 20:19

Updated : 2017-10-10 18:32


NVD link : CVE-2007-2070

Mitre link : CVE-2007-2070


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

turnkey_web_tools

  • sunshop_shopping_cart