Vulnerabilities > Oscommerce > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-07 CVE-2023-6579 Unspecified vulnerability in Oscommerce 4.0
A vulnerability, which was classified as critical, has been found in osCommerce 4.
network
low complexity
oscommerce
critical
 9.8
9.8
2021-01-27 CVE-2020-23360 Incorrect Comparison vulnerability in Oscommerce 2.3.4.1
oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/password_reset.php
network
low complexity
oscommerce CWE-697
critical
 9.8
9.8
2020-10-28 CVE-2020-27976 OS Command Injection vulnerability in Oscommerce
osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely.
network
low complexity
oscommerce CWE-78
critical
 9.8
9.8