32 matches found
EUVD-2009-5126
Malware in sbrugna...
osCommerce 2.2 admin/newsletters.php page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
osCommerce 2.2 admin/languages.php page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
osCommerce 2.2/3.0 'oscid' Session Fixation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34348/info osCommerce is prone to a session-fixation vulnerability. Attackers can exploit this issue to hijack a user's session and gain unauthorized access to the affected application. The following are vulnerable:...
osCommerce 2.2 admin/tax_rates.php page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
osCommerce 2.2 admin/countries.php page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
OSCommerce 2.2 Contact_us.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12568/info A vulnerability is reported to exist in osCommerce that may allow a remote user to launch cross-site scripting attacks. This issue could permit a remote attacker to create a malicious URI link that includes...
osCommerce 2.2 File Upload
Remote file upload vulnerability in osCommerce filemanager.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...
JVN#38216398: osCommerce vulnerable to directory traversal
osCommerce is an open source system for creating shopping websites. osCommerce contains a directory traversal vulnerability. Impact A remote attacker may access arbitrary files on the server. Solution Update the software Update to the latest version according to the information provided by the...
osCommerce 2.2-MS2 phpinfo() Disclosure
Exploit Title: osCommerce 2.2-MS2 phpinfo disclosure vulnerability Date: 21 June 2010 Author: Neo-Gabriel Download: http://www.oscommerce.com/solutions/downloads Version: 2.2-MS2 Tested on: Windows 95...
osCMax 2.0 fckeditor upload vulnerability exploit-vulnerability warning-the black bar safety net
osCMax V2.0 is a powerful e-commerce/shopping cart Web application. There are many benefits to using the osCMax e-commerce/shopping cart for your website. It has all it takes to run a successful online store can feature By customizing your In Need of any configuration. osCMax 2.0 is based o...
osCMax 2.0 (fckeditor) Remote File Upload
Exploit for unknown platform in category web applications. Title: osCMax 2.0 fckeditor Remote File Upload Vendor: http://www.oscdox.com Dork: "Powered by osCMax v2.0" ,...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in osCommerce 2.2 RC 2a allows remote attackers to hijack the authentication of administrators...
CVE-2009-0408
Cross-site request forgery (CSRF) vulnerability in osCommerce 2.2 RC 2a allows remote attackers to hijack the authentication of administrators...
osCommerce 2.2 - admin/stats_products_purchased.php?page Cross-Site Scripting
osCommerce 2.2 - admin/stats_products_purchased.php?page Cross-Site Scripting source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...
osCommerce 2.2 - admin/products_attributes.php?page Cross-Site Scripting
osCommerce 2.2 - admin/products_attributes.php?page Cross-Site Scripting source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...
osCommerce 2.2 - admin/newsletters.php?page Cross-Site Scripting
osCommerce 2.2 - admin/newsletters.php?page Cross-Site Scripting source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting us...
osCommerce 2.2 - '/admin/orders_status.php?page' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attack...
osCommerce 2.2 - '/admin/languages.php?page' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attack...
osCommerce 2.2 - '/admin/banner_manager.php?page' Cross-Site Scripting
source: https://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attack...