CVE-2018-18573
HIGH
osCommerce 2.3.4.1 - Authenticated Remote Code Execution via .htaccess Upload
osCommerce 2.3.4.1 protects the upload directory used by the admin "product" page with an incomplete '.htaccess'-based blacklist, and that blacklist does not prevent the upload of a new '.htaccess' file itself. A remote authenticated administrator can upload a replacement '.htaccess' (for example, one that omits '.php' from the blocked extensions) and subsequently achieve arbitrary PHP code execution via the /catalog/admin/categories.php?cPath=&action=new_product URI.
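The description above calls the protection a blacklist. A blacklist that names bad extensions cannot stop a file whose whole name is '.htaccess', and it cannot stop whatever extension the author forgot to list. The Python below, added here as an illustration and not code from this page or from osCommerce, contrasts a hypothetical blacklist-style filename check with an allowlist check plus a content (magic-byte) check over constructed sample names. The allowed extension set, the name pattern, the magic bytes table and the sample names are all assumptions of this example.

```python
import os
import re

# Constructed sample filenames (not from the page or from the osCommerce issue):
# legitimate image names plus names that a blacklist-style filter lets through.
SAMPLE_NAMES = [
    "product.jpg",
    "banner.PNG",
    ".htaccess",             # the file class this CVE abuses
    "shell.php",
    "shell.php.jpg",         # double extension
    "shell.phtml",
    "../../../etc/passwd",   # path traversal in the name
    "image",                 # no extension at all
]

# Hypothetical policy for an image-only directory; not osCommerce's own list.
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif"}

# Leading bytes of the allowed types, so content is checked and not only the name.
MAGIC = {
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "gif": b"GIF8",
}

# Stem must start with an alphanumeric (so no dotfiles) and contain no dots,
# slashes or other separators (so no double extensions or traversal).
_SAFE_STEM = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_-]{0,63}$")


def blacklist_filter(name: str) -> bool:
    """The weak pattern: reject a few known-bad suffixes, accept everything else.
    '.htaccess' carries none of these suffixes, so it is accepted.
    Hypothetical illustration of the approach the CVE text calls incomplete."""
    lower = name.lower()
    return not lower.endswith((".php", ".phtml", ".php5"))


def allowlist_filter(name: str) -> bool:
    """Hardened: accept only <stem>.<ext> where the stem matches _SAFE_STEM and
    the extension is in ALLOWED_EXTENSIONS. Dotfiles such as '.htaccess',
    extension-less names, double extensions and path components are rejected."""
    base = os.path.basename(name)
    if base != name:            # any directory component present
        return False
    stem, dot, ext = base.rpartition(".")
    if not dot or not stem:     # no extension, or a dotfile (empty stem)
        return False
    if not _SAFE_STEM.fullmatch(stem):
        return False
    return ext.lower() in ALLOWED_EXTENSIONS


def content_matches_extension(name: str, data: bytes) -> bool:
    """Require the file body to start with the magic bytes of its claimed type."""
    ext = name.rpartition(".")[2].lower()
    magic = MAGIC.get(ext)
    return magic is not None and data.startswith(magic)


def validate_upload(name: str, data: bytes) -> bool:
    """Name and content must both pass. The stored file should additionally be
    given a server-generated name, and the directory should be served with
    AllowOverride None and no script handler so a stray .htaccess is inert."""
    return allowlist_filter(name) and content_matches_extension(name, data)


def compare_filters(names=SAMPLE_NAMES):
    """Return {name: (blacklist_accepts, allowlist_accepts)} for the samples."""
    return {n: (blacklist_filter(n), allowlist_filter(n)) for n in names}


if __name__ == "__main__":
    for name, (bl, al) in compare_filters().items():
        print(f"{name!r:24} blacklist={'accept' if bl else 'reject':6} "
              f"allowlist={'accept' if al else 'reject'}")
```

Running the module prints the two verdicts side by side: the blacklist accepts '.htaccess', 'shell.php.jpg', the traversal name and the extension-less name, while the allowlist accepts only the two real image names. Filename checks are only half of the fix; the upload directory must also be configured so that a per-directory '.htaccess' cannot re-enable script execution, otherwise any gap in the filter becomes code execution again.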
References (1)
https://github.com/osCommerce/oscommerce2/issues/631 (Third Party Advisory, x_refsource_confirm)
Scores
CVSS v3
7.2
EPSS
0.0254
EPSS Percentile
83.0%
Attack Vector
NETWORK
CVSS v3 Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-94
Status
published
Products (1)
oscommerce/oscommerce
2.3.4.1
Published
Aug 22, 2019
Tracked Since
Feb 18, 2026