VYPR
Unrated severityNVD Advisory· Published Jan 9, 2007· Updated Jun 16, 2026

CVE-2007-0134

CVE-2007-0134

Description

Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow remote attackers to execute arbitrary code via the action parameter, which is supplied to an eval function call in (1) cart.php and (2) page.php. NOTE: a later report and CVE analysis indicate that the vulnerability is present in 1.4.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • E Cart/iG Shop3 versions
    cpe:2.3:a:igeneric:ig_shop:1.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:igeneric:ig_shop:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:igeneric:ig_shop:1.4:*:*:*:*:*:*:*
    • (no CPE)range: <=1.4

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.