Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses --> Category: attack

osCommerce readme_file Parameter File Disclosure Vulnerability Vulnerability Scan


Vulnerability Scan Summary
Tries to read a file with osCommerce

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP script that is affected by a
file disclosure vulnerability.

Description :

The remote host is running osCommerce, an open-source e-commerce
system.

The osCommerce installation on the remote host has a supplementary
script, 'extras/update.php', that fails to validate user-supplied
input to the 'readme_file' parameter before using that to display a
file. A possible hacker can exploit this flaw to read arbitrary files on
the remote host, such as the '.htaccess' file used to protect the
admin directory.

See also :

http://www.oscommerce.com/community/bugs,2835

Solution :

Remove the 'extras/update.php' script.

Threat Level:

Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.