cbcvebase.

Oscommerce vulnerabilities

73 known vulnerabilities affecting oscommerce/oscommerce.

Total CVEs
73
CISA KEV
0
Public exploits
9
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH13MEDIUM56

Vulnerabilities

Page 1 of 4
CVE-2009-20006P2CRITICALCVSS 9.3PoC≤ 2.2 RC2a2025-09-16
CVE-2009-20006 [CRITICAL] CWE-434 CVE-2009-20006: osCommerce versions up to and including 2.2 RC2a contain a vulnerability in its administrative file osCommerce versions up to and including 2.2 RC2a contain a vulnerability in its administrative file manager utility (admin/file_manager.php). The interface allows file uploads and edits without sufficient input validation or access control. An unauthenticated attacker can craft a POST request to upload a .php file containing arbitrary code, which i
nvd
CVE-2023-6579P2CRITICALCVSS 9.8v4.0v42023-12-07
CVE-2023-6579 [CRITICAL] CWE-89 CVE-2023-6579: A vulnerability, which was classified as critical, has been found in osCommerce 4. Affected by this A vulnerability, which was classified as critical, has been found in osCommerce 4. Affected by this issue is some unknown functionality of the file /b2b-supermarket/shopping-cart of the component POST Parameter Handler. The manipulation of the argument estimate[country_id] leads to sql injection. The attack may be launched remotely. The identifier of
nvd
CVE-2008-0719P3HIGHCVSS 7.5PoCv2.22008-02-12
CVE-2008-0719 [HIGH] CWE-89 CVE-2008-0719: SQL injection vulnerability in customer_testimonials.php in the Customer Testimonials 3 and 3.1 Addo SQL injection vulnerability in customer_testimonials.php in the Customer Testimonials 3 and 3.1 Addon for osCommerce Online Merchant 2.2 allows remote attackers to execute arbitrary SQL commands via the testimonial_id parameter.
nvd
CVE-2020-27976P2CRITICALCVSS 9.8fixed in 1.0.5.42020-10-28
CVE-2020-27976 [CRITICAL] CWE-78 CVE-2020-27976: osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option.
nvd
CVE-2002-1991P3HIGHCVSS 7.5PoCv2.12002-12-31
CVE-2002-1991 [HIGH] CWE-94 CVE-2002-1991: PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the include_file p PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the include_file parameter to include_once.php.
nvd
CVE-2005-2330P3MEDIUMCVSS 5.0PoCv2.2_ms22005-07-20
CVE-2005-2330 [MEDIUM] CVE-2005-2330: Directory traversal vulnerability in extras/update.php in osCommerce 2.2 allows remote attackers to Directory traversal vulnerability in extras/update.php in osCommerce 2.2 allows remote attackers to read arbitrary files via (1) .. sequences or (2) a full pathname in the readme_file parameter.
nvd
CVE-2002-2019P3HIGHCVSS 7.5PoCv2.12002-12-31
CVE-2002-2019 [HIGH] CWE-94 CVE-2002-2019: PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter.
nvd
CVE-2019-25495P3HIGHCVSS 7.5v2.3.4.12026-02-27
CVE-2019-25495 [HIGH] CWE-89 CVE-2019-25495: osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to m osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviews_id parameter. Attackers can send GET requests to product_reviews_write.php with malicious reviews_id values using boolean-based SQL injection payloads to extract sensitive database info
nvd
CVE-2019-25497P3HIGHCVSS 7.5≤ 2.3.4.1v2.3.4.12026-02-27
CVE-2019-25497 [HIGH] CWE-89 CVE-2019-25497: osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to m osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the currency parameter. Attackers can send GET requests to shopping_cart.php with malicious currency values using boolean-based SQL injection payloads to extract sensitive database information.
nvd
CVE-2004-2021P4MEDIUMCVSS 5.0PoCv2.1v2.2_cvs+3 more2004-12-31
CVE-2004-2021 [MEDIUM] CVE-2004-2021: Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote attackers to v Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote attackers to view arbitrary files via a .. (dot dot) in the filename argument.
nvd
CVE-2019-25496P3HIGHCVSS 7.5v2.3.4.12026-02-27
CVE-2019-25496 [HIGH] CWE-89 CVE-2019-25496: osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to m osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the products_id parameter. Attackers can modify the products_id value in product_info.php requests and append boolean-based SQL injection payloads to extract sensitive database information.
nvd
CVE-2020-23360P3CRITICALCVSS 9.8v2.3.4.12021-01-27
CVE-2020-23360 [CRITICAL] CWE-697 CVE-2020-23360: oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a n oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/password_reset.php
nvd
CVE-2018-18573P3HIGHCVSS 7.2v2.3.4.12019-08-22
CVE-2018-18573 [HIGH] CWE-94 CVE-2018-18573: osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remo osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files (e.g., omitting .php) and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=new_product URI.
nvd
CVE-2018-18572P3HIGHCVSS 7.2v2.3.4.12019-08-22
CVE-2018-18572 [HIGH] CWE-434 CVE-2018-18572: osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Beca osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions (such as .phtml and .php5) didn't execute in the application. But this filter didn't prevent the '.pht' extension. Thus, remote authenticated administrators can upload '.pht' files for
nvd
CVE-2005-1951P4MEDIUMCVSS 5.0PoCv2.1v2.2_cvs+2 more2005-06-16
CVE-2005-1951 [MEDIUM] CVE-2005-1951: Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow rem Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.php or (3) goto parameter to banner.php.
nvd
CVE-2006-5190P4MEDIUMCVSS 4.3PoC≤ 2.2_ms2_2006-08-17v1.1+9 more2006-10-10
CVE-2006-5190 [MEDIUM] CVE-2006-5190: Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 2.2 Milestone 2 Update 060817 allo Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 2.2 Milestone 2 Update 060817 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter in the (a) banner_manager.php, (b) banner_statistics.php, (c) countries.php, (d) currencies.php, (e) languages.php, (f) manufacturers.php, (g) newsletters.php, (h) orders_statu
nvd
CVE-2003-1219P4MEDIUMCVSS 4.3PoC≤ 2.2_ms22003-12-31
CVE-2003-1219 [MEDIUM] CVE-2003-1219: Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osComm Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter.
nvd
CVE-2011-4543P3HIGHCVSS 7.5v3.0.22011-12-05
CVE-2011-4543 [HIGH] CWE-22 CVE-2011-4543: Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote attackers to include a Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) set or (2) module parameter to (a) OM/Core/Site/Admin/Application/templates_modules/pages/info.php, (b) OM/Core/Site/Admin/Application/templates_modules/pages/edit.php, or (c) OM/Core/Site/Admi
nvd
CVE-2020-27975P3HIGHCVSS 8.8fixed in 1.0.5.42020-10-28
CVE-2020-27975 [HIGH] CWE-352 CVE-2020-27975: osCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php CSRF. osCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php CSRF.
nvd
CVE-2006-4297P4HIGHCVSS 7.5v2.2_ms2_2006-08-172006-08-23
CVE-2006-4297 [HIGH] CVE-2006-4297: SQL injection vulnerability in shopping_cart.php in osCommerce before 2.2 Milestone 2 060817 allows SQL injection vulnerability in shopping_cart.php in osCommerce before 2.2 Milestone 2 060817 allows remote attackers to execute arbitrary SQL commands via id array parameters.
nvd
Oscommerce vulnerabilities | cvebase