EIP-2026-110354
PRE-CVEosCommerce - Arbitrary File Upload / File Disclosure
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-110354. PoCs published by indoushka.
AI-analyzed exploit summary The exploit demonstrates a remote file upload and file disclosure vulnerability in osCommerce. It provides a form to upload arbitrary files and another to create files with arbitrary content, leveraging insufficient input sanitization. The file disclosure URL allows reading sensitive files like configuration files.
Description
osCommerce - Arbitrary File Upload / File Disclosure
Exploits (1)
The exploit demonstrates a remote file upload and file disclosure vulnerability in osCommerce. It provides a form to upload arbitrary files and another to create files with arbitrary content, leveraging insufficient input sanitization. The file disclosure URL allows reading sensitive files like configuration files.