VID | 21989
Severity | 40
Port | 80, ...
Protocol | TCP
Class | CGI
Detailed Description |
Squirrelcart PHP Shopping Cart is a shopping cart application written in PHP. SquirrelCart version 2.2.2 and earlier are vulnerable to a remote file include vulnerability, caused by improper validation of user-supplied input passed to the 'cart_isp_root' parameter of the 'cart_content.php' script. If PHP's 'register_globals' setting is enabled, a remote attacker could send a specially crafted URL request to the cart_content.php script and execute arbitrary PHP code on the affected host.
* References:
  - http://www.frsirt.com/english/advisories/2006/1818
  - http://secunia.com/advisories/20121
  - http://milw0rm.com/exploits/1790
  - http://www.ldev.com/forums/showthread.php?p=9976#post9976
* Platforms Affected: SquirrelCart versions 2.2.2 and earlier; any operating system, any version |
Recommendation |
Upgrade to the latest version of SquirrelCart (2.2.2 or later), available from the SquirrelCart Web page at http://www.squirrelcart.com/downloads.php
-- OR --
As a workaround, disable PHP's 'register_globals' setting. |
Related URL | CVE-2006-2483 (CVE)
Related URL | 17992 (SecurityFocus)
Related URL | 26443 (ISS)