Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oscommerce vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2003-1219
Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce prior to 2.2-MS3 allows remote malicious users to inject arbitrary web script or HTML via the osCsid parameter.
Oscommerce Oscommerce
1 EDB exploit
4.3
CVSSv2
CVE-2012-2935
Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Shop/Application/Checkout/pages/main.php in OSCommerce Online Merchant 3.0.2 allows remote malicious users to inject arbitrary web script or HTML via the value_title parameter, a different vulnerability than CVE-...
Oscommerce Online Merchant 2.3.0
Oscommerce Online Merchant 2.2
Oscommerce Online Merchant 2.3.1
Oscommerce Online Merchant
2.6
CVSSv2
CVE-2012-1792
Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Setup/Application/Install/RPC/DBCheck.php in OSCommerce Online Merchant 3.0.2, when the software is being installed, allows remote malicious users to inject arbitrary web script or HTML via the name parameter to ...
Oscommerce Online Merchant
Oscommerce Online Merchant 2.3.0
Oscommerce Online Merchant 2.2
Oscommerce Online Merchant 2.3.1
7.5
CVSSv2
CVE-2011-4543
Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) set or (2) module parameter to (a) OM/Core/Site/Admin/Application/templates_modules/pages/info.php, (b) OM/Core...
Oscommerce Oscommerce 3.0.2
NA
CVE-2023-43727
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "stock_indication_text[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web...
Oscommerce Oscommerce 4.12.56860
NA
CVE-2023-43728
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "stock_delivery_terms_text[1]" parameter, potentially leading to unauthorized execution of scripts within a user's...
Oscommerce Oscommerce 4.12.56860
NA
CVE-2023-43729
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "xsell_type_name[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web brows...
Oscommerce Oscommerce 4.12.56860
NA
CVE-2023-43730
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "countries_name[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browse...
Oscommerce Oscommerce 4.12.56860
NA
CVE-2023-43731
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "zone_name" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Oscommerce Oscommerce 4.12.56860
NA
CVE-2023-43732
Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows malicious users to inject JS through the "tax_class_title" parameter, potentially leading to unauthorized execution of scripts within a user's web browser.
Oscommerce Oscommerce 4.12.56860
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »