osCommerce 2.3.4 Local File Inclusion / Cross Site Request Forgery

Advisory ID: HTB23284 Product: osCommerce Vendor: osCommerce Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Public Disclosure: February 17, 2016 Vulnerability Type: PHP Fi...

osCommerce 2.3.4 - Multiple vulnerabilities

No description provided by source. Title: osCommerce 2.3.4 - Multiple vulnerabilities Date: 10.07.14 Affected versions: = 2.3.4 latest atm Vendor: oscommerce.com Tested on: Apache 2.2.22 at Debian Contact: smash at devilteam.pl Cross Site Scripting 1. Reflected XSS - Send Email Vulnerable...