Vulnerabilities > CVE-2004-2010

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and earlier allows remote attackers to execute arbitrary PHP code by modifying the base_dir parameter to reference a URL on a remote web server that contains phpshop.cfg.

Vulnerable Configurations

Part	Description	Count
Application	Phpshop Phpshop Phpshop 0.7 Phpshop Phpshop 0.6.1B Phpshop Phpshop 0.7.1	3

References

http://marc.info/?l=bugtraq&m=108420702317870&w=2
http://marc.info/?l=bugtraq&m=108420702317870&w=2
http://secunia.com/advisories/11587
http://secunia.com/advisories/11587
http://www.fribble.net/advisories/phpshop_29-04-04.txt
http://www.fribble.net/advisories/phpshop_29-04-04.txt
http://www.securityfocus.com/bid/10313
http://www.securityfocus.com/bid/10313
https://exchange.xforce.ibmcloud.com/vulnerabilities/16107
https://exchange.xforce.ibmcloud.com/vulnerabilities/16107

Vulnerabilities > CVE-2004-2010 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2004-2010"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2004-2010