Oscommerce
CVE-2023-6609
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
A vulnerability was found in osCommerce 4. It has been classified as problematic. This affects an unknown part of the file /b2b-supermarket/catalog/all-products. The manipulation of the argument keywords with the input %27%22%3E%3Cimg%2Fsrc%3D1+onerror%3Dalert%28document.cookie%29%3E leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247245 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
A vulnerability was found in osCommerce 4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. A vulnerability was found in osCommerce 4. It has been classified as problematic. This affects an unknown part of the file /b2b-supermarket/catalog/all-products. The manipulation of the argument keywords with the input %27%22%3E%3Cimg%2Fsrc%3D1+onerror%3Dalert%28document.cookie%29%3E leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247245 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Affected products include: Oscommerce.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.
More in Oscommerce
View allA vulnerability, which was classified as critical, has been found in osCommerce 4. Rated critical severity (CVSS 9.8), t
osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Rated critical severity (CVSS 9.8), this vuln
osCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php CSRF. Rated high severity (CVSS 8.8), this vulnera
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database q
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database q
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database q
An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrar
The PayPal Pro PayFlow EC module in osCommerce does not verify that the server hostname matches a domain name in the sub
The PayPal Pro PayFlow module in osCommerce does not verify that the server hostname matches a domain name in the subjec
The PayPal Pro module in osCommerce does not verify that the server hostname matches a domain name in the subject's Comm
The PayPal Express module in osCommerce does not verify that the server hostname matches a domain name in the subject's
The MoneyBookers module in osCommerce does not verify that the server hostname matches a domain name in the subject's Co
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today