OsCommerce Remote File Upload And File Disclosure Vulnerabilities Network Vulnerability

Summary

osCommerce is prone to a remote file upload and a file disclosure vulnerability. The issues occur because the application fails to adequately sanitize user-supplied input. An attacker can exploit these issues to upload a file and obtain an arbitrary file's content other attacks are also possible.

References

http://www.oscommerce.com/solutions/downloads
http://www.securityfocus.com/bid/50301

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.6 AV:N/AC:H/Au:S/C:P/I:P/A:P

Related Vulnerabilities

@Mail 'admin.php' Cross-Site Scripting Vulnerabilities
Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities
Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability

osCommerce Remote File Upload and File Disclosure Vulnerabilities

Take action and discover your vulnerabilities