Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Setup/Application/Install/RPC/DBCheck.php in OSCommerce Online Merchant 3.0.2, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the name parameter to oscommerce/index.php, which is not properly handled in an error message. NOTE: this might not be a vulnerability, since the ability to access oscommerce/index.php during installation may already imply administrator privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OSCommerce Online Merchant 跨站脚本漏洞
Vulnerability Description
osCommerce是一套基于GNUGPL授权的开源在线购物电子商务解决方案。 OSCommerce Online Merchant 3.0.2版本中的osCommerce/OM/Core/Site/Setup/Application/Install/RPC/DBCheck.php中存在跨站脚本漏洞(XSS)。当安装软件时,远程攻击者可利用该漏洞借助至oscommerce/index.php中那些未被正确处理的错误信息中的name参数,注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A