Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oscommerce oscommerce - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-6579
A vulnerability, which was classified as critical, has been found in osCommerce 4. Affected by this issue is some unknown functionality of the file /b2b-supermarket/shopping-cart of the component POST Parameter Handler. The manipulation of the argument estimate[country_id] leads ...
Oscommerce Oscommerce 4.0
5.4
CVSSv3
CVE-2023-43702
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "tracking_number" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Oscommerce Oscommerce 4.12.56860
5.4
CVSSv3
CVE-2023-43703
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "product_info[][name]" parameter, potentially leading to unauthorized execution of scripts within a user's web bro...
Oscommerce Oscommerce 4.12.56860
5.4
CVSSv3
CVE-2023-43704
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "title" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Oscommerce Oscommerce 4.12.56860
5.4
CVSSv3
CVE-2023-43705
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "translation_value[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web bro...
Oscommerce Oscommerce 4.12.56860
5.4
CVSSv3
CVE-2023-43707
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "CatalogsPageDescriptionForm[1][name] " parameter, potentially leading to unauthorized execution of scripts within a us...
Oscommerce Oscommerce 4.12.56860
5.4
CVSSv3
CVE-2023-43708
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "configuration_title[1](MODULE_PAYMENT_SAGE_PAY_SERVER_TEXT_TITLE)" parameter, potentially leading to unauthorized exec...
Oscommerce Oscommerce 4.12.56860
5.4
CVSSv3
CVE-2023-43709
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "configuration_title[1](MODULE)" parameter, potentially leading to unauthorized execution of scripts within a user'...
Oscommerce Oscommerce 4.12.56860
5.4
CVSSv3
CVE-2023-43710
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "configuration_title[1][MODULE_SHIPPING_PERCENT_TEXT_TITLE]" parameter, potentially leading to unauthorized execution o...
Oscommerce Oscommerce 4.12.56860
5.4
CVSSv3
CVE-2023-43711
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "admin_firstname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Oscommerce Oscommerce 4.12.56860
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »