Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension (e.g., the test or test.asdf filename).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
osCommerce 输入验证错误漏洞
Vulnerability Description
osCommerce是一套基于GNUGPL授权的开源在线购物电子商务解决方案。 osCommerce 2.3.4.1版本中的http://[host ip]/oscommerce2/catalog/images/页面的‘.htaccess’文件存在安全漏洞。攻击者可利用该漏洞执行任意代码或HTML。
CVSS Information
N/A
Vulnerability Type
N/A