Vulnerability Details CVE-2007-0230
PHP remote file inclusion vulnerability in install.php in CS-Cart 1.3.3 allows remote attackers to execute arbitrary PHP code via a URL in the install_dir parameter. NOTE: CVE and third parties dispute this vulnerability because install_dir is defined before use
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/31277
- http://www.attrition.org/pipermail/vim/2007-January/001223.html
- http://www.securityfocus.com/archive/1/456527/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31408
- http://osvdb.org/31277
- http://www.attrition.org/pipermail/vim/2007-January/001223.html
- http://www.securityfocus.com/archive/1/456527/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31408