CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-2019

PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://archives.neohapsis.com/archives/bugtraq/2002-06/0188.html
http://www.iss.net/security_center/static/9369.php
http://www.oscommerce.com/about.php/news%2C72
http://www.securityfocus.com/bid/5037
http://archives.neohapsis.com/archives/bugtraq/2002-06/0188.html
http://www.iss.net/security_center/static/9369.php
http://www.oscommerce.com/about.php/news%2C72
http://www.securityfocus.com/bid/5037

Products affected by CVE-2002-2019

Oscommerce » Oscommerce » Version: 2.1

cpe:2.3:a:oscommerce:oscommerce:2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-2019

Products

Pricing

Contact Us