Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2022-35212

Published: 18/08/2022 Updated: 19/08/2022
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Oscommerce

Vulnerability Summary

osCommerce2 before v2.3.4.1 exists to contain a cross-site scripting (XSS) vulnerability via the function tep_db_error().

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oscommerce oscommerce

Github Repositories

https://github.com/cuhk-seclab/TChecker

TChecker: Precise Static Inter-Procedural Analysis for Detecting Taint-Style Vulnerabilities in PHP Applications TChecker is a static taint analysis tool for PHP applications The key idea in TChecker is to iteratively construct call graph and precisely perform inter-procedural taint analysis TChecker found 18 new vulnerabilities and two CVEs (CVE-2022-35212, CVE-2022-35213) w

References

CWE-79https://forums.oscommerce.com/topic/497119-potencial-xss-vulnerability/?tab=comments#comment-1823082https://nvd.nist.govhttps://github.com/cuhk-seclab/TChecker
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook