CNNVD-202507-3019 Information

CNNVD ID

CNNVD-202507-3019

Related CVE

CVE-2018-25114

• CNNVD Published: 2025-07-23

Description (Chinese)

osCommerce Online Merchant是osCommerce开源的一个电子商务平台。 osCommerce Online Merchant 2.3.4.1版本存在安全漏洞，该漏洞源于默认配置不安全，可能导致远程代码执行。

Description (English)

OsCommerce Online Merchant is an e-commerce platform open to OsCommerce. There is a security loophole in version 2.3.4.1 of the OsCommerce Online Mercant, which stems from a default configuration that is unsafe and may lead to remote code implementation.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

osCommerce

Published

2025-07-23

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/ https://www.exploit-db.com/exploits/44374 https://www.oscommerce.com/ https://www.vulncheck.com/advisories/oscommerce-installer-unauth-config-file-injection-php-code-execution