CVE-2002-2019 Information

Description

PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-06/0188.html http://www.iss.net/security_center/static/9369.php http://www.oscommerce.com/about.php/news72 http://www.securityfocus.com/bid/5037