osCommerce osCommerce 1.0.7.8 Phoenix Edition

CPE Details

osCommerce osCommerce 1.0.7.8 Phoenix Edition
oscommerce
oscommerce
1.0.7.8
2020-10-30
12h33 +00:00
2020-10-30
12h33 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oscommerce:oscommerce:1.0.7.8:*:*:*:phoenix:*:*:*

Informations

Vendor

oscommerce

Product

oscommerce

Version

1.0.7.8

Software Edition

phoenix

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-35212 2022-08-18 17h30 +00:00 osCommerce2 before v2.3.4.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the function tep_db_error().
6.1
Medium
CVE-2015-2965 2015-06-28 17h00 +00:00 Directory traversal vulnerability in osCommerce Japanese 2.2ms1j-R8 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors.
4
CVE-2006-5190 2006-10-06 17h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 2.2 Milestone 2 Update 060817 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter in the (a) banner_manager.php, (b) banner_statistics.php, (c) countries.php, (d) currencies.php, (e) languages.php, (f) manufacturers.php, (g) newsletters.php, (h) orders_status.php, (i) products_attributes.php, (j) products_expected.php, (k) reviews.php, (l) specials.php, (m) stats_products_purchased.php, (n) stats_products_viewed.php, (o) tax_classes.php, (p) tax_rates.php, or (q) zones.php scripts in /admin, and the (2) zpage parameter in (r) admin/geo_zones.php.
4.3
CVE-2003-1219 2005-08-04 02h00 +00:00 Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter.
4.3