cpCommerce.Remote.File.Inclusion

description-logoDescription

This indicates an attempt to exploit a Remote File Include vulnerability in cpCommerce.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious request. It allows a remote attacker to execute arbitrary code via sending a crafted web page.

affected-products-logoAffected Products

cpCommerce 1.2.x, possibly including 1.2.9

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Improve the web page back-end source code to verify client requests properly.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-01-11 16.995