OSCommerce 2.2 - Product_Info.PHP Denial of Service Vulnerability

2003-04-15T00:00:00
ID EDB-ID:22494
Type exploitdb
Reporter Lorenzo Hernandez Garcia-Hierro
Modified 2003-04-15T00:00:00

Description

OSCommerce 2.2 Product_Info.PHP Denial Of Service Vulnerability. Dos exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/7351/info

It has been reported that an attacker may trigger a denial of service condition in osCommerce application. If malicious URI parameters are passed to several of the osCommerce PHP pages, the mySQL and web server hosting osCommerce reportedly becomes unstable, possibly resulting in a denial of service condition.

It should be noted that although osCommerce version 2.2cvs was reported vulnerable, previous versions may also be affected. 

product_info.php?products_id=[large amount of random content]