Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Work_system_e-commerce | Work_system_e-commerce | 3.0.41 | 3.0.41 |
Work_system_e-commerce | Work_system_e-commerce | 3.0.3 | 3.0.3 |
Work_system_e-commerce | Work_system_e-commerce | 3.0.5 | 3.0.5 |
Work_system_e-commerce | Work_system_e-commerce | 3.0.4 | 3.0.4 |