CVE-2007-4439

2007-08-2100:00:00

mitre

www.cve.org

AI Score

7.6

Confidence

High

EPSS

0.05

Percentile

92.9%

JSON

PHP remote file inclusion vulnerability in popup_window.php in Squirrelcart 1.x.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site_isp_root parameter, probably related to cart.php.

References

osvdb.org/37701

www.securityfocus.com/bid/25382

exchange.xforce.ibmcloud.com/vulnerabilities/36112

www.exploit-db.com/exploits/4295