Intrusion Prevention



This indicates an attempt to exploit a Remote File Include vulnerability in cpCommerce.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious request. It allows a remote attacker to execute arbitrary code via sending a crafted web page.

Affected Products

cpCommerce 1.2.x, possibly including 1.2.9


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Improve the web page back-end source code to verify client requests properly.

CVE References