Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: attack

osCommerce Unprotected Admin Directory Vulnerability Scan

Vulnerability Scan Summary
Checks for unprotected admin directory in osCommerce

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web host contains a PHP application that can be
administered by anyone.

Description :

The remote host is running osCommerce, an open-source e-commerce

The installation of osCommerce on the remote host apparently lets
anyone access the application's admin directory, which means that they
have complete administrative access to the site.

See also :

Solution :

Limit access to the directory using Apache's .htaccess or an
equivalent technique.

Threat Level:

High / CVSS Base Score : 7

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.