CVE-2002-2019
osCommerce 2.1 - Remote Code Execution via include_file Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-2019. PoCs published by Tim Vandermeerch.
AI-analyzed exploit summary This exploit demonstrates a remote file inclusion vulnerability in osCommerce, allowing an attacker to execute arbitrary PHP code by including a remote file via the 'include_file' parameter. The examples show directory listing and sensitive file disclosure.
Description
PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter.
Exploits (1)
This exploit demonstrates a remote file inclusion vulnerability in osCommerce, allowing an attacker to execute arbitrary PHP code by including a remote file via the 'include_file' parameter. The examples show directory listing and sensitive file disclosure.