Oscommerce Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

E-Commerce Management Software	16

Product

osCommerce Japanese	2
osCommerce Online Merchant	2
osCommerce Luottokunta	2
osCommerce File Manager	2
osCommerce Phoenix CE	2

Remediation

Official Fix	8
Temporary Fix	0
Workaround	0
Unavailable	2
Not Defined	6

Exploitability

High	2
Functional	0
Proof-of-Concept	0
Unproven	2
Not Defined	12

Access Vector

Not Defined	0
Physical	0
Local	2
Adjacent	0
Network	14

Authentication

Not Defined	0
High	0
Low	6
None	10

User Interaction

Not Defined	0
Required	2
None	14

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	2
≤5	0
≤6	6
≤7	0
≤8	6
≤9	0
≤10	2

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	2
≤5	2
≤6	4
≤7	0
≤8	6
≤9	2
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	2
≤5	2
≤6	4
≤7	2
≤8	4
≤9	0
≤10	2

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	2
≤8	0
≤9	0
≤10	2

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Vendor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	2
<2k	6
<5k	8
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Today

<1k	16
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit Market Volume

🔴 CTI Activities

Affected Products (10): CE Phoenix (1), Customer Testimonials (1), File Manager (1), Finnish Bank Payment (1), Japanese (1), Luottokunta (1), Online Merchant (5), PHP Point Of Sale (1), Phoenix CE (2), Poll Booth (1)

Published	Base	Temp	Vulnerability	Prod	Exp	Rem	EPSS	CTI	CVE
10/28/2020	8.0	7.7	osCommerce Phoenix CE POST Parameter mail.php os command injection	E-Commerce Management Software	Not Defined	Official Fix	0.02666	0.03	CVE-2020-27976
10/28/2020	6.1	5.9	osCommerce Phoenix CE define_language.php cross-site request forgery	E-Commerce Management Software	Not Defined	Official Fix	0.00112	0.00	CVE-2020-27975
09/03/2020	5.2	4.9	osCommerce CE Phoenix order_status.php cross site scripting	E-Commerce Management Software	Not Defined	Official Fix	0.00078	0.05	CVE-2020-12058
06/28/2015	5.4	5.4	osCommerce Japanese File path traversal	E-Commerce Management Software	Not Defined	Not Defined	0.00177	0.04	CVE-2015-2965
01/13/2015	6.3	6.0	osCommerce Online Merchant update_zone sql injection	E-Commerce Management Software	Proof-of-Concept	Official Fix	0.00395	0.00	CVE-2014-10033
09/19/2012	5.3	5.1	osCommerce Online Merchant unknown vulnerability	E-Commerce Management Software	Not Defined	Official Fix	0.00214	0.00	CVE-2012-2991
05/27/2012	4.3	4.1	osCommerce Online Merchant cross site scripting	E-Commerce Management Software	High	Official Fix	0.00132	0.02	CVE-2012-2935
05/27/2012	4.3	4.3	osCommerce Online Merchant Error Message cross site scripting	E-Commerce Management Software	Not Defined	Not Defined	0.00117	0.00	CVE-2012-1792
02/13/2012	4.3	4.1	osCommerce Online Merchant cross site scripting	E-Commerce Management Software	Proof-of-Concept	Official Fix	0.00767	0.00	CVE-2012-1059
06/12/2009	9.8	8.5	osCommerce Luottokunta privileges management	E-Commerce Management Software	Unproven	Official Fix	0.00407	0.02	CVE-2009-2039

5 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 5 results.

◂ PreviousOverviewNext ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!