CVE-2006-4215

PHP remote file inclusion vulnerability in index.php in Zen Cart 1.3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the autoLoadConfig[999][0][loadFile] parameter.
Configurations

Configuration 1 (hide)

cpe:2.3:a:zen_cart:zen_cart:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-08-17 21:04

Updated : 2017-07-20 01:32


NVD link : CVE-2006-4215

Mitre link : CVE-2006-4215


JSON object : View

Products Affected

zen_cart

  • zen_cart
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')