source: wwwsecurityfocuscom/bid/5037/info
osCommerce is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers If the remote file is a PHP script, this may allow for execution of attacker-supplied PHP code with the privileges of the webserver
-------- Example 1 --------
SERVER/ca ...