osCommerce Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2018-18572 - Vulnerability Database

Severity: High
Reference: CVE-2018-18572
Title: osCommerce Unrestricted Upload of File with Dangerous Type Vulnerability
Overview:

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering on the "product" page. Because of this filter, script files with certain PHP-related extensions (such as .phtml and .php5) did not execute in the application, but the filter did not block the '.pht' extension. Thus remote authenticated administrators can upload '.pht' files for arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=new_product URI.
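As an added illustration (not osCommerce's own code; the actual contents of the shipped .htaccess are not reproduced on this page), the Python below contrasts an extension blacklist modelled on the description, which omits .pht, with the allowlist check a defender would apply to a product-image upload. The extension lists are assumed for the example.

```python
import os

# Assumed blacklist modelled on the description: blocks .php, .php5 and .phtml
# but, like the incomplete osCommerce 2.3.4.1 filter, does not list .pht.
INCOMPLETE_BLACKLIST = {".php", ".php5", ".phtml"}

# Allowlist of the image types a product-upload endpoint actually needs.
IMAGE_ALLOWLIST = {".jpg", ".jpeg", ".png", ".gif"}


def extension(filename: str) -> str:
    """Final extension, lower-cased: Apache handler matching is case-insensitive,
    so 'image.PHT' must be treated exactly like 'image.pht'."""
    return os.path.splitext(filename)[1].lower()


def blacklist_allows(filename: str) -> bool:
    """Blacklist filtering: accept anything not explicitly listed.
    Any extension the list forgot (here .pht) is accepted."""
    return extension(filename) not in INCOMPLETE_BLACKLIST


def allowlist_allows(filename: str) -> bool:
    """Allowlist filtering: accept only known-safe image extensions.

    Also rejects names carrying more than one extension (e.g. 'x.pht.jpg'),
    because mod_mime can select a handler from any of a file's extensions,
    not just the last one.
    """
    base = os.path.splitext(filename)[0]
    if extension(filename) not in IMAGE_ALLOWLIST:
        return False
    return os.path.splitext(base)[1] == ""


def compare(filenames):
    """Return {name: (blacklist verdict, allowlist verdict)} for a batch of uploads."""
    return {name: (blacklist_allows(name), allowlist_allows(name)) for name in filenames}


if __name__ == "__main__":
    # Constructed sample upload names, not taken from any real incident.
    for name, verdict in compare(["product.jpg", "image.php5", "image.pht", "x.pht.jpg"]).items():
        print(f"{name:12s} blacklist={verdict[0]!s:5s} allowlist={verdict[1]}")
```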