CVE-2018-18573: Code Injection
First published: Thu Aug 22 2019(Updated: )
osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files (e.g., omitting .php) and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=new_product URI.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oscommerce Oscommerce | =2.3.4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-18573?
CVE-2018-18573 is a vulnerability in osCommerce 2.3.4.1 that allows remote authenticated administrators to achieve arbitrary PHP code execution.
How can remote authenticated administrators exploit CVE-2018-18573?
Remote authenticated administrators can upload new '.htaccess' files with arbitrary PHP code execution through the '/catalog/admin/categories.php?cPath=&action=new_produ' page.
What is the severity of CVE-2018-18573?
CVE-2018-18573 has a severity rating of 7.2 (high).
What is the affected version of osCommerce?
osCommerce version 2.3.4.1 is affected by CVE-2018-18573.
Is there a fix available for CVE-2018-18573?
Yes, there is a fix available for CVE-2018-18573. It is recommended to update to the latest version of osCommerce.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/oscommerce
- canonical/oscommerce oscommerce
- version/oscommerce oscommerce/2.3.4.1