Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

E-Commerce

osCommerce

osCommerce is an online shop e-commerce solution that offers a wide range of out-of-the-box features that allows online stores to be setup fairly quickly with ease and is available for free as an Open Source based solution.

Official Site:

https://www.oscommerce.com/

Severity Summary:

Critical: 3 High: 7 Medium: 45
Reference
Title
Severity
CVE-2020-27976
osCommerce Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Critical
CVE-2023-6579
osCommerce Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2020-23360
osCommerce Incorrect Comparison Vulnerability
Critical
CVE-2002-1991
osCommerce Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2018-18573
osCommerce Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2018-18572
osCommerce Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2002-2019
osCommerce Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2020-27975
osCommerce Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2008-0719
osCommerce Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2004-2638
osCommerce Other Vulnerability
High
CVE-2023-43733
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43706
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43714
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43713
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43712
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43711
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43710
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43709
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43708
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43707
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43704
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43705
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43703
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43702
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43716
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43730
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43731
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43735
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43732
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-43734
osCommerce Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium