osCommerce Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2018-18572
osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions (such as .phtml and .php5) didn't execute in the application, but the filter didn't cover the '.pht' extension. Thus remote authenticated administrators can upload '.pht' files for arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=new_product URI.
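The weakness described above is a general one: an extension blacklist can only ever enumerate the dangerous suffixes its author thought of, and a server that maps one more suffix to the PHP handler turns the gap into code execution. The following added example (not osCommerce code, and independent of its real upload handler) contrasts a constructed, deliberately incomplete blacklist that mirrors the page's description with an allowlist of expected image types. The blacklist contents beyond .phtml and .php5, and the image allowlist, are assumptions chosen for illustration; the check works on the final extension of the basename, lower-cased, so case variants and path prefixes are handled the same way.

```python
import os

# Constructed approximation of an incomplete extension blacklist. The page
# names .phtml and .php5 as blocked and .pht as missed; the remaining
# entries are assumed for illustration and are NOT the project's real list.
INCOMPLETE_BLACKLIST = {".php", ".php3", ".php4", ".php5", ".phtml"}

# Allowlist of the file types a product-image upload is expected to carry
# (assumption: a catalogue image should be one of these and nothing else).
IMAGE_ALLOWLIST = {".jpg", ".jpeg", ".png", ".gif"}


def extension_of(filename: str) -> str:
    """Return the final extension of the basename, lower-cased.

    Normalising here means 'Shell.PHP' and 'dir/shell.php' are judged by the
    same rule; a name with no extension yields ''.
    """
    base = os.path.basename(filename.replace("\\", "/"))
    _, ext = os.path.splitext(base)
    return ext.lower()


def blacklist_allows(filename: str) -> bool:
    """The weak policy: accept anything not on the known-bad list."""
    return extension_of(filename) not in INCOMPLETE_BLACKLIST


def allowlist_allows(filename: str) -> bool:
    """The hardened policy: accept only the types the feature needs."""
    ext = extension_of(filename)
    return ext != "" and ext in IMAGE_ALLOWLIST


def audit(filenames):
    """Map each candidate name to (blacklist_verdict, allowlist_verdict).

    Names where the first element is True and the second is False are
    exactly the uploads the blacklist would have let through.
    """
    return {name: (blacklist_allows(name), allowlist_allows(name))
            for name in filenames}


if __name__ == "__main__":
    # Constructed sample names for a review of the two policies.
    samples = ["banner.jpg", "Logo.PNG", "page.phtml", "page.php5", "page.pht"]
    for name, (weak, strict) in audit(samples).items():
        print(f"{name:12} blacklist={'allow' if weak else 'deny':5} "
              f"allowlist={'allow' if strict else 'deny'}")
```

The allowlist rejects `.pht` without anyone having had to anticipate it. Extension checks alone are still only one layer: the upload directory should additionally be configured so the web server never hands any file in it to a script interpreter, which is the property the page's '.htaccess' was trying, and failing, to provide.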