Vulnerabilities > Oscommerce > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-07 CVE-2023-6579 SQL Injection vulnerability in Oscommerce 4.0
A vulnerability, which was classified as critical, has been found in osCommerce 4.
network
low complexity
oscommerce CWE-89
critical
 9.8
9.8
2020-10-28 CVE-2020-27976 OS Command Injection vulnerability in Oscommerce
osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely.
network
low complexity
oscommerce CWE-78
critical
 10.0
10
2009-06-12 CVE-2009-2039 Remote Security vulnerability in Oscommerce Luottokunta 1.3
Unspecified vulnerability in the Luottokunta module before 1.3 for osCommerce has unknown impact and attack vectors related to orders.
network
low complexity
oscommerce
critical
 10.0
10
2009-06-12 CVE-2009-2038 Unspecified vulnerability in Oscommerce Finnish Bank Payment
Unspecified vulnerability in the Finnish Bank Payment module 2.2 for osCommerce has unknown impact and attack vectors related to bank charges.
network
low complexity
oscommerce
critical
 10.0
10