PT-2005-2902 · Oscommerce · Oscommerce
James Bercegay · Published 2005-06-14 · Updated 2016-10-18 · CVE-2005-1951
CVSS v2.0: 5.0 Medium (Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Name of the Vulnerable Software and Affected Versions
osCommerce versions 2.2 Milestone 2 and earlier
Description
The issue allows remote attackers to spoof web content and poison web caches by inserting hex-encoded CRLF ("%0d%0a") sequences in specific parameters. The affected parameters are products id or pid in index.php and goto in banner.php.
Recommendations
For osCommerce versions 2.2 Milestone 2 and earlier, consider restricting access to the index.php and banner.php files until a fix is available. As a temporary workaround, avoid using the products id, pid, and goto parameters in the affected API endpoints.
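A detection check for the pattern described above, as an added example (not code from osCommerce or from this advisory): it scans access log lines for CR or LF, after URL decoding, in the parameters the advisory names, and goes slightly beyond the page by also catching double-encoded sequences. It assumes combined-format logs and that the parameter the page spells "products id" arrives as `products_id`; the log lines are constructed.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Script -> parameters named in the advisory. Assumption: the parameter the
# page spells "products id" is sent on the wire as "products_id".
WATCHED = {"index.php": {"products_id", "pid"}, "banner.php": {"goto"}}

# Request line inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def crlf_params(target, max_decode=3):
    """Return watched parameter names in `target` whose value holds CR or LF."""
    parts = urlsplit(target)
    script = parts.path.rsplit("/", 1)[-1]
    hits = []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name not in WATCHED.get(script, ()):
            continue
        # parse_qsl decodes once; keep decoding to catch %250d%250a.
        for _ in range(max_decode):
            if "\r" in value or "\n" in value:
                hits.append(name)
                break
            decoded = unquote(value)
            if decoded == value:
                break
            value = decoded
    return hits


def scan(lines):
    """Yield (line_number, request_target, parameter_names) for flagged entries."""
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if match and (hits := crlf_params(match.group(1))):
            yield number, match.group(1), hits


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Jun/2005:10:00:01 +0000] "GET /catalog/index.php?products_id=12 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [14/Jun/2005:10:00:07 +0000] "GET /catalog/banner.php?goto=1%0d%0aconstructed HTTP/1.1" 302 0',
    '192.0.2.44 - - [14/Jun/2005:10:00:09 +0000] "GET /catalog/index.php?pid=5%250D%250Aconstructed HTTP/1.1" 200 5120',
    '192.0.2.10 - - [14/Jun/2005:10:00:12 +0000] "GET /catalog/banner.php?goto=3 HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    for number, target, hits in scan(SAMPLE_LOG):
        print(f"line {number}: CR/LF in {hits} -> {target}")
```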
Affected Products
Oscommerce