PHP remote file include vulnerability in MarmaraWeb E-commerce allows remote malicious users to execute arbitrary code via the page parameter to index.php.
source: wwwsecurityfocuscom/bid/15877/info
E-commerce is prone to a remote file include vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input
An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the Web se ...