virus logo Intrusion Prevention

osCommerce.Arbitrary.File.Upload

description-logoDescription

This indicates an attempt to exploit an arbitrary file upload vulnerability in osCommerce.
The vulnerability is caused by an error that occurs when the vulnerable software handles file upload without authentication. It allows a remote attacker to execute arbitrary code via sending a crafted web page.

affected-products-logoAffected Products

osCommerce Online Merchant 2.2 RC2a

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for suggested workaround.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 17845
Created Nov 03, 2009
Updated Dec 15, 2016
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris, MacOS
Affected App PHP_app