Lucene search
K

12 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/27 5:23 p.m.5 views

CVE-2019-25495

osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviewsid parameter. Attackers can send GET requests to productreviewswrite.php with malicious reviewsid values using boolean-based SQL...

8.8CVSS6AI score0.00327EPSS
Exploits1References3Affected Software1
Exploit DB
Exploit DB
added 2021/07/15 12:0 a.m.603 views

osCommerce 2.3.4.1 - Remote Code Execution (2)

Exploit Title: osCommerce 2.3.4.1 - Remote Code Execution 2 Vulnerability: Remote Command Execution when /install directory wasn't removed by the admin Exploit: Exploiting the install.php finish process by injecting php payload into the dbdatabase parameter & read the system command output from...

7.4AI score
Exploits0
OSV
OSV
added 2020/11/25 8:15 p.m.28 views

CVE-2020-29070

osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user entering the XSS payload into the title section of newsletters...

4.8CVSS5.9AI score0.01145EPSS
Exploits1References3
OSV
OSV
added 2019/08/22 3:15 p.m.22 views

CVE-2018-18573

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files e.g., omitting .php and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=newprodu...

7.2CVSS7.6AI score
Exploits0References1
NVD
NVD
added 2019/08/22 3:15 p.m.17 views

CVE-2018-18572

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions such as .phtml and .php5 didn't execute in the application. But this filter didn't prevent the '.pht' extension. Thus, remote...

7.2CVSS7.3AI score0.02541EPSS
Exploits0References1
0day.today
0day.today
added 2019/02/07 12:0 a.m.113 views

osCommerce 2.3.4.1 - products_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: osCommerce 2.3.4.1 - 'productsid' SQL Vulnerabilities Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category: Webapps Tested on:...

7.1AI score
Exploits0
OSV
OSV
added 2018/11/06 4:29 a.m.22 views

CVE-2018-18965

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension e.g.,...

4.9CVSS6.3AI score
Exploits0References1
NVD
NVD
added 2018/11/06 4:29 a.m.18 views

CVE-2018-18965

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension e.g.,...

4.9CVSS4.8AI score0.00997EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/11/06 4:0 a.m.19 views

CVE-2018-18965

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension e.g.,...

5.7AI score0.00997EPSS
Exploits0References1
0day.today
0day.today
added 2018/03/31 12:0 a.m.247 views

osCommerce 2.3.4.1 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: osCommerce 2.3.4.1 Remote Code Execution Date: 29.0.3.2018 Exploit Author: Simon Scannell - https://scannell-infosec.net Version: 2.3.4.1, 2.3.4 - Other versions have not been tested but are likely to be vulnerable Tested on:...

Exploits0
Packet Storm
Packet Storm
added 2018/03/31 12:0 a.m.102 views

osCommerce 2.3.4.1 Remote Code Execution

Exploit Title: osCommerce 2.3.4.1 Remote Code Execution Date: 29.0.3.2018 Exploit Author: Simon Scannell - https://scannell-infosec.net Version: 2.3.4.1, 2.3.4 - Other versions have not been tested but are likely to be vulnerable Tested on: Linux, Windows If an Admin has not removed the /install/...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/11/29 12:0 a.m.103 views

osCommerce 2.3.4.1 - Arbitrary File Upload Exploit

Exploit for php platform in category web applications Exploit Title: osCommerce 2.3.4.1 Authenticated Arbitrary File Upload Exploit Author: Simon Scannell - https://scannell-infosec.net Vendor Homepage: https://www.oscommerce.com/ Software Link: https://www.oscommerce.com/Products&Download=oscom2...

7.1AI score
Exploits0
Rows per page
Query Builder