CVE-2007-6133

Name of the Vulnerable Software and Affected Versions DevMass Shopping Cart versions 1.0 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the kfm base path parameter in the admin/kfm/initialise.php file.

Recommendations For DevMass Shopping Cart versions 1.0 and earlier, as a temporary workaround, consider restricting access to the admin/kfm/initialise.php file until a patch is available. Avoid using the kfm base path parameter in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.