CVE-2007-4933

Shop-Script FREE <= 2.0 - Remote Code Execution via Appearance Configuration Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4933. PoCs published by InATeam.

AI-analyzed exploit summary This exploit targets Shop-Script FREE <= 2.0, leveraging an admin authorization bypass and arbitrary PHP code injection in the configuration file. It executes commands via a crafted POST request to inject shellcode into the configuration file, then triggers it via a GET request.

Description

Direct static code injection vulnerability in includes/admin/sub/conf_appearence.php in Shop-Script FREE 2.0 and earlier allows remote attackers to inject arbitrary PHP code into cfg/appearence.inc.php via a save_appearence action in admin.php, as demonstrated with the (1) productscount, (2) colscount, and (3) darkcolor parameters.

Exploits (1)

exploitdb WORKING POC VERIFIED
by InATeam · phpwebappsphp
https://www.exploit-db.com/exploits/4419

This exploit targets Shop-Script FREE <= 2.0, leveraging an admin authorization bypass and arbitrary PHP code injection in the configuration file. It executes commands via a crafted POST request to inject shellcode into the configuration file, then triggers it via a GET request.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Shop-Script FREE <= 2.0
No auth needed
Prerequisites: Target must be running Shop-Script FREE <= 2.0 · PHP must be configured with certain settings (e.g., magic_quotes_gpc=on)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26840
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25695
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4419

Scores

EPSS 0.0241
EPSS Percentile 82.0%

Details

CWE
CWE-94
Status published
Products (1)
shop-script/shop-script 2.0
Published Sep 18, 2007
Tracked Since Feb 18, 2026