file inclusion vulnerability in cpCommerce

Credit: Astharot
Risk: High
Local: No
Remote: Yes

CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

ZH2003-31SA (security advisory): file inclusion vulnerability in cpCommerce Published: 19 October 2003 Name: cpCommerce Affected Versions: 0.05f (and other versions?) Vendor: Issue: file inclusion vulnerability Author: Astharot (at Description ********** Zone-H Security Team has discovered a flaw in cpCommerce. cpCommerce "is an open-source e-commerce solution that is entirely template and module based.". Details ********** There's a file inclusion vulnerability in the _functions.php file, line 13-14: require_once("{$prefix}_config.php"); require_once("{$prefix}_gateways.php"); Is it possible for a remote attacker to include an external file and execute arbitrary commands with the privileges of the webserver (nobody by default). To test the vulnerability try this: In this way the file "" or "" will be included and executed on the server. Solution ********** The author has been contacted and he published a temporary fix in the cpCommerce website forum, waiting for the new version. The patch is avaible here:;action=display;threadid=8 64. Suggestions ********** Fix the script with the patch proposed by the author. Link to ariginal article here: Astharot - Zone-H Admin -- - astharot (at) zone-h (dot) org [email concealed] PGP Key: Linux User #292132

Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024,


Back to Top