Security Advisory

CVE-2006-4527

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-09-01 23:00:00

Last updated 2024-09-16 21:03:44

Assigner mitre

State PUBLISHED

Description

includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magic_quotes_gpc is disabled, uses an insufficiently restrictive regular expression to validate the gateway parameter, which allows remote attackers to conduct PHP remote file inclusion attacks.

← Browse all CVEs View on cve.org ↗