Vulnerability Description
_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP code, or read arbitrary files via the GLOBALS[prefix] parameter, a different vector than CVE-2003-1500.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cpcommerce Project | Cpcommerce | >= 1.2.0, <= 1.2.9 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/35245Broken LinkVendor Advisory
- http://www.securityfocus.com/bid/35103Broken LinkThird Party AdvisoryVDB Entry
- https://www.exploit-db.com/exploits/8790ExploitThird Party AdvisoryVDB Entry
- http://secunia.com/advisories/35245Broken LinkVendor Advisory
- http://www.securityfocus.com/bid/35103Broken LinkThird Party AdvisoryVDB Entry
- https://www.exploit-db.com/exploits/8790ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2009-1936?
CVE-2009-1936 is a vulnerability with a CVSS score of 9.8 (CRITICAL). _functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct r...
How severe is CVE-2009-1936?
CVE-2009-1936 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2009-1936?
Check the references section above for vendor advisories and patch information. Affected products include: Cpcommerce Project Cpcommerce.