CVE-2019-25496
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the productsid parameter. Attackers can modify the productsid value in productinfo.php requests and append boolean-based SQL injection...
CVE-2024-6355 Genexis Tilgin Fiber Home Gateway HG1522 cross site scripting
A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01090112. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /status/productinfo/. The manipulation of the argument productinfo leads to cross site scripting. The...
CVE-2023-43703
osCommerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "productinfoname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...
OSCommerce 2.2 Product_Info.PHP Denial of Service Vulnerability
No description provided by source. Source: http://www.securityfocus.com/bid/7351/info. It has been reported that an attacker may trigger a denial of service condition in the osCommerce application. If malicious URI parameters are passed to several of the osCommerce PHP pages, the MySQL and web server...
getacoder-sql.txt
Getacoder Clone Script sbprotype Remote SQL Injection Vulnerability. Author: Hussin X. Home: www.tryag.cc/cc. Email: darkangelg85atYahooDoTcom. script :...
osCommerce 2.2 - 'product_info.php' Denial of Service
Source: https://www.securityfocus.com/bid/7351/info. It has been reported that an attacker may trigger a denial of service condition in the osCommerce application. If malicious URI parameters are passed to several of the osCommerce PHP pages, the MySQL and web server hosting osCommerce reportedly...