E-commerce web apps vulnerable to hijacking, database compromise (Help Net Security, February 2016)
High-Tech Bridge researchers have published details and PoC exploit code for several serious vulnerabilities in Osclass, osCmax, and osCommerce, three popular open source e-commerce web apps. Exploitation of the flaws could lead to remote code execution, allowing attackers to compromise the apps, steal databases, and upload malware to the site in order to infect visitors. Osclass is a web app that allows users to create a classifieds site without any technical knowledge. OsCmax is a …
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/W-SOjMsZaZk/