Cross-Site Scripting Vulnerability in OSCommerce Online Merchant Software
CVE-2012-1792

Currently unrated

Key Information:

Vendor: Oscommerce
Status: Online Merchant
Vendor: CVE Published:; 27 May 2012

What is CVE-2012-1792?

A cross-site scripting vulnerability exists in OSCommerce Online Merchant 3.0.2 during the software installation phase. This issue allows remote attackers to inject arbitrary web scripts or HTML into the application via the 'name' parameter of oscommerce/index.php. The vulnerability arises from improper handling of error messages during the installation process. While exploiting this vulnerability requires accessing the installation interface, which may indicate administrator privileges, it still poses a significant risk to potential security breaches if misconfigured.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.trustwave.com/spiderlabs/advisories/TWSL2012-...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 27, 2012

JSON

Oscommerce

What is CVE-2012-1792?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.