Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oscommerce oscommerce 2.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1951
Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and previous versions allow remote malicious users to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.ph...
Oscommerce Oscommerce 2.2 Ms1
Oscommerce Oscommerce 2.2 Ms2
Oscommerce Oscommerce 2.2 Cvs
Oscommerce Oscommerce 2.1
1 EDB exploit
NA
CVE-2004-2021
Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote malicious users to view arbitrary files via a .. (dot dot) in the filename argument.
Oscommerce Oscommerce 2.2 Ms3
Oscommerce Oscommerce 2.2 Ms1
Oscommerce Oscommerce 2.2 Ms2
Oscommerce Oscommerce 2.2 Cvs
Oscommerce Oscommerce 2.1
1 EDB exploit
NA
CVE-2006-5190
Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 2.2 Milestone 2 Update 060817 allow remote malicious users to inject arbitrary web script or HTML via the (1) page parameter in the (a) banner_manager.php, (b) banner_statistics.php, (c) countries.php, (d) currenci...
Oscommerce Oscommerce 2.2 Ms3
Oscommerce Oscommerce
Oscommerce Oscommerce 2.2 Ms1
Oscommerce Oscommerce 1.11
Oscommerce Oscommerce 2.2 Ms2
Oscommerce Oscommerce 1.5.1
Oscommerce Oscommerce 1.12
Oscommerce Oscommerce 2.2 Cvs
Oscommerce Oscommerce 2.1
Oscommerce Oscommerce 1.1
Oscommerce Oscommerce 1.13
17 EDB exploits
NA
CVE-2002-1991
PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the include_file parameter to include_once.php.
Oscommerce Oscommerce 2.1
1 EDB exploit
NA
CVE-2002-2019
PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote malicious users to execute arbitrary PHP code via the include_file parameter.
Oscommerce Oscommerce 2.1
1 EDB exploit
NA
CVE-2004-2044
PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote mali...
Francisco Burzi Php-nuke 5.3.1
Francisco Burzi Php-nuke 5.1
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Oscommerce Osc2nuke 7x 1.0
Francisco Burzi Php-nuke 5.0
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 5.5
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 5.4
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 5.2a
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 5.0.1
Francisco Burzi Php-nuke 5.2
Paul Laudanski Betanc Php-nuke Bundle
Francisco Burzi Php-nuke 5.6
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started