1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

E-commerce web apps vulnerable to hijacking, database compromise

Discussion in 'Help Net Security' started by RSS, Feb 18, 2016.

  1. RSS

    RSS New Member Member

    High-Tech Bridge researchers have published details and PoC exploit code for several serious vulnerabilities in Osclass, osCmax, and osCommerce, three popular open source e-commerce web apps. Exploitation of the flaws could lead to remote code execution, allowing attackers to compromise the apps, steal databases, and upload malware on the site in order to infect visitors. Osclass is a web app that allows users to create a classifieds site without any technical knowledge. OsCmax is a … More →

    Continue reading...

Share This Page