Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-6691. PoCs published by mdx.
AI-analyzed exploit summary This exploit demonstrates a Remote File Include (RFI) vulnerability in Valdersoft Shopping Cart v3.0. The vulnerability allows an attacker to include arbitrary remote files via the 'commonIncludePath' parameter in multiple PHP scripts.
Description
Multiple PHP remote file inclusion vulnerabilities in Valdersoft Shopping Cart 3.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the commonIncludePath parameter to (1) admin/include/common.php, (2) include/common.php, or (3) common_include/common.php.
Exploits (1)
This exploit demonstrates a Remote File Include (RFI) vulnerability in Valdersoft Shopping Cart v3.0. The vulnerability allows an attacker to include arbitrary remote files via the 'commonIncludePath' parameter in multiple PHP scripts.