Information Disclosure Vulnerability in osCommerce by osCommerce
CVE-2011-3767

Currently unrated

Key Information:

Vendor

Oscommerce

Status
Oscommerce
Vendor
CVE Published:
24 September 2011

What is CVE-2011-3767?

osCommerce version 3.0a5 suffers from an information disclosure vulnerability that allows remote attackers to access sensitive data by making direct requests to specific .php files. This flaw can result in the exposure of sensitive information, such as the installation path, which can be seen in error messages like those generated by redirect.php. As a result, this could potentially lead to further exploitation of the system by malicious actors.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://code.google.com/p/inspathx/source/browse/trunk/pat...
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2011/06/27/6
mailing-listx_refsource_MLIST
https://exchange.xforce.ibmcloud.com/vulnerabilities/70605
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.