← CVECheck
HomeVulnerabilities

CVE-2002-1991 — HIGH severity vulnerability (PHP file inclusion vulnerability in osCommerce 2.1 execute a)

PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the include_file parameter to include_once.php.

CVE IDCVE-2002-1991
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWECWE-94
StatusModified
Published2002-12-31
Last modified2026-04-16
DescriptionPHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the include_file parameter to include_once.php.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →