osCommerce.Arbitrary.File.Upload
Description
This indicates an attempt to exploit an arbitrary file upload vulnerability in osCommerce.
The vulnerability is caused by an error that occurs when the vulnerable software handles file upload without authentication. It allows a remote attacker to execute arbitrary code via sending a crafted web page.
Affected Products
osCommerce Online Merchant 2.2 RC2a
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |