Security News > 2016 > February > E-commerce web apps vulnerable to hijacking, database compromise (Help Net Security)
High-Tech Bridge researchers have published details and PoC exploit code for several serious vulnerabilities in Osclass, osCmax, and osCommerce, three popular open source e-commerce web apps. Exploitation of the flaws could lead to remote code execution, allowing attackers to compromise the apps, steal databases, and upload malware on the site in order to infect visitors. Osclass is a web app that allows users to create a classifieds site without any technical knowledge. OsCmax is a … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/W-SOjMsZaZk/