CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Oscommerce : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2012-5798 20 2012-11-04 2012-11-05
5.8
None Remote Medium Not required Partial Partial None
The PayPal Pro PayFlow EC module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
2 CVE-2012-5797 20 2012-11-04 2012-11-19
5.8
None Remote Medium Not required Partial Partial None
The PayPal Pro PayFlow module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
3 CVE-2012-5796 20 2012-11-04 2012-11-19
5.8
None Remote Medium Not required Partial Partial None
The PayPal Pro module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
4 CVE-2012-5795 20 2012-11-04 2012-11-19
5.8
None Remote Medium Not required Partial Partial None
The PayPal Express module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
5 CVE-2012-5794 20 2012-11-04 2012-11-19
5.8
None Remote Medium Not required Partial Partial None
The MoneyBookers module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
6 CVE-2012-5793 20 2012-11-04 2012-11-19
5.8
None Remote Medium Not required Partial Partial None
The Authorize.Net module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
7 CVE-2012-5792 20 2012-11-04 2012-11-19
5.8
None Remote Medium Not required Partial Partial None
The Sage Pay Direct module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
8 CVE-2012-2991 2012-09-19 2013-03-01
5.0
None Remote Low Not required None Partial None
The PayPal (aka MODULE_PAYMENT_PAYPAL_STANDARD) module before 1.1 in osCommerce Online Merchant before 2.3.4 allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one's self.
9 CVE-2012-2935 79 XSS 2012-05-27 2012-08-13
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Shop/Application/Checkout/pages/main.php in OSCommerce Online Merchant 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the value_title parameter, a different vulnerability than CVE-2012-1059.
10 CVE-2012-1792 79 XSS 2012-05-27 2012-05-28
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Setup/Application/Install/RPC/DBCheck.php in OSCommerce Online Merchant 3.0.2, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the name parameter to oscommerce/index.php, which is not properly handled in an error message. NOTE: this might not be a vulnerability, since the ability to access oscommerce/index.php during installation may already imply administrator privileges.
11 CVE-2012-1059 79 2 XSS 2012-02-13 2013-10-03
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Shop/Application/Cart/pages/main.php in OSCommerce Online Merchant 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the value_title parameter, as demonstrated using the "Front" field in the shirt module.
12 CVE-2012-0312 79 XSS 2012-01-26 2012-02-06
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9, and osCommerce Online Merchant before 2.3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13 CVE-2012-0311 79 XSS 2012-01-26 2012-02-06
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
14 CVE-2011-4543 22 Dir. Trav. 2011-12-05 2011-12-12
7.5
None Remote Low Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) set or (2) module parameter to (a) OM/Core/Site/Admin/Application/templates_modules/pages/info.php, (b) OM/Core/Site/Admin/Application/templates_modules/pages/edit.php, or (c) OM/Core/Site/Admin/Application/templates_modules/pages/uninstall.php; the (3) set parameter to OM/Core/Site/Admin/Application/templates_modules/pages/main.php; the module parameter to (4) OM/Core/Site/Admin/Application/modules_order_total/pages/edit.php, (5) OM/Core/Site/Admin/Application/modules_order_total/pages/uninstall.php, (6) OM/Core/Site/Admin/Application/modules_order_total/pages/info.php, (7) OM/Core/Site/Admin/Application/modules_geoip/pages/edit.php, (8) OM/Core/Site/Admin/Application/modules_geoip/pages/uninstall.php, (9) OM/Core/Site/Admin/Application/images/pages/main.php, (10) OM/Core/Site/Admin/Application/modules_shipping/pages/edit.php, or (11) OM/Core/Site/Admin/Application/modules_shipping/pages/uninstall.php; the filter parameter to (12) OM/Core/Site/Admin/Application/templates_modules_layout/pages/main.php, (13) OM/Core/Site/Admin/Application/templates_modules_layout/pages/new.php, or (14) OM/Core/Site/Admin/Application/templates_modules_layout/pages/edit.php; or the template parameter to (15) OM/Core/Site/Admin/Application/templates/pages/info.php, (16) OM/Core/Site/Admin/Application/templates/pages/edit.php, or (17) OM/Core/Site/Admin/Application/templates/pages/uninstall.php.
15 CVE-2011-3767 200 +Info 2011-09-23 2011-10-20
5.0
None Remote Low Not required Partial None None
osCommerce 3.0a5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by redirect.php.
16 CVE-2009-2039 2009-06-12 2009-06-15
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Luottokunta module before 1.3 for osCommerce has unknown impact and attack vectors related to orders.
17 CVE-2009-2038 2009-06-12 2009-06-15
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Finnish Bank Payment module 2.2 for osCommerce has unknown impact and attack vectors related to bank charges.
18 CVE-2009-0408 352 CSRF 2009-02-03 2009-04-02
6.0
User Remote Medium Single system Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in osCommerce 2.2 RC 2a allows remote attackers to hijack the authentication of administrators.
19 CVE-2008-4765 89 2 Exec Code Sql 2008-10-27 2009-03-18
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in pollBooth.php in osCommerce Poll Booth Add-On 2.0 allows remote attackers to execute arbitrary SQL commands via the pollID parameter in a results operation. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
20 CVE-2008-4170 200 +Info 2008-09-22 2009-01-29
5.0
None Remote Low Not required Partial None None
create_account.php in osCommerce 2.2 RC 2a allows remote attackers to obtain sensitive information via an invalid dob parameter, which reveals the installation path in an error message.
21 CVE-2008-0719 89 1 Exec Code Sql 2008-02-11 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in customer_testimonials.php in the Customer Testimonials 3 and 3.1 Addon for osCommerce Online Merchant 2.2 allows remote attackers to execute arbitrary SQL commands via the testimonial_id parameter.
22 CVE-2007-1477 Dir. Trav. 2007-03-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
** DISPUTED ** Directory traversal vulnerability in index.php in PHP Point Of Sale for osCommerce 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg_language parameter. NOTE: this issue has been disputed by CVE, since the cfg_language variable is configured upon proper product installation.
23 CVE-2006-6534 XSS 2006-12-13 2008-09-05
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 3.0a3 allow remote attackers to inject arbitrary web script or HTML via the (1) set parameter to admin/modules.php, the (2) selected_box parameter to definitiva/admin/customers.php, the (3) lID parameter to admin/languages_definitions.php, or the (4) pID parameter to admin/products.php.
24 CVE-2006-6533 Dir. Trav. 2006-12-13 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in admin/templates_boxes_layout.php in osCommerce 3.0a3 allows remote attackers to include and execute arbitrary PHP files via a .. (dot dot) in the filter parameter. NOTE: this issue can be leveraged to obtain full path information in error messages.
25 CVE-2006-5190 XSS 2006-10-10 2008-09-05
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 2.2 Milestone 2 Update 060817 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter in the (a) banner_manager.php, (b) banner_statistics.php, (c) countries.php, (d) currencies.php, (e) languages.php, (f) manufacturers.php, (g) newsletters.php, (h) orders_status.php, (i) products_attributes.php, (j) products_expected.php, (k) reviews.php, (l) specials.php, (m) stats_products_purchased.php, (n) stats_products_viewed.php, (o) tax_classes.php, (p) tax_rates.php, or (q) zones.php scripts in /admin, and the (2) zpage parameter in (r) admin/geo_zones.php.
26 CVE-2006-4298 Dir. Trav. 2006-08-22 2008-09-05
5.0
None Remote Low Not required Partial None None
Multiple directory traversal vulnerabilities in cache.php in osCommerce before 2.2 Milestone 2 060817 allow remote attackers to determine existence of arbitrary files and disclose the installation path via a .. (dot dot) in unspecified parameters in the (1) tep_cache_also_purchased, (2) tep_cache_manufacturers_box, and (3) tep_cache_categories_box functions.
27 CVE-2006-4297 Exec Code Sql 2006-08-22 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in shopping_cart.php in osCommerce before 2.2 Milestone 2 060817 allows remote attackers to execute arbitrary SQL commands via id array parameters.
28 CVE-2005-4677 Exec Code Sql 2005-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in additional_images.php (aka the Additional Images module) before 1.14 in osCommerce allows remote attackers to execute arbitrary SQL commands via the products_id parameter to product_info.php.
29 CVE-2005-2330 Dir. Trav. 2005-07-20 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in extras/update.php in osCommerce 2.2 allows remote attackers to read arbitrary files via (1) .. sequences or (2) a full pathname in the readme_file parameter.
30 CVE-2005-1951 Http R.Spl. 2005-06-16 2008-09-05
5.0
None Remote Low Not required None Partial None
Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.php or (3) goto parameter to banner.php.
31 CVE-2005-0458 XSS 2005-05-02 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in contact_us.php in osCommerce 2.2-MS2 allows remote attackers to inject arbitrary web script or HTML via the enquiry parameter.
32 CVE-2004-2638 2004-12-31 2013-09-13
7.5
User Remote Low Not required Partial Partial Partial
The Admin Access With Levels plugin in osCommerce 1.5.1 allows remote attackers to access files in the "admin/" directory by modifying the in_login parameter to a non-zero value.
33 CVE-2004-2044 +Info 2004-06-01 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string.
34 CVE-2004-2021 Dir. Trav. 2004-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote attackers to view arbitrary files via a .. (dot dot) in the filename argument.
35 CVE-2003-1219 XSS 2003-12-31 2012-12-12
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter.
36 CVE-2002-2019 94 Exec Code File Inclusion 2002-12-31 2011-06-29
7.5
None Remote Low Not required Partial Partial Partial
PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter.
37 CVE-2002-1991 Exec Code File Inclusion 2002-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the include_file parameter to include_once.php.
Total number of vulnerabilities : 37   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.