osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files (e.g., omitting .php) and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=new_product URI.
References
Link | Resource |
---|---|
https://github.com/osCommerce/oscommerce2/issues/631 | Third Party Advisory |
https://github.com/osCommerce/oscommerce2/issues/631 | Third Party Advisory |
Configurations
History
21 Nov 2024, 03:56
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/osCommerce/oscommerce2/issues/631 - Third Party Advisory |
Information
Published : 2019-08-22 15:15
Updated : 2024-11-21 03:56
NVD link : CVE-2018-18573
Mitre link : CVE-2018-18573
CVE.ORG link : CVE-2018-18573
JSON object : View
Products Affected
oscommerce
- oscommerce
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')