Vulnerabilities > Cpcommerce Project

DATE	CVE	VULNERABILITY TITLE	RISK
2009-06-05	CVE-2009-1936	Path Traversal vulnerability in Cpcommerce Project Cpcommerce 1.2.0/1.2.9 _functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP code, or read arbitrary files via the GLOBALS[prefix] parameter, a different vector than CVE-2003-1500. network low complexity cpcommerce-project CWE-22 critical	9.8

Vulnerabilities > Cpcommerce Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cpcommerce Project"}]}