Vulnerabilities > Oscommerce > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-09-03 CVE-2020-12058 Cross-site Scripting vulnerability in Oscommerce CE Phoenix 1.0.6.0
Several XSS vulnerabilities in osCommerce CE Phoenix before 1.0.6.0 allow an attacker to inject and execute arbitrary JavaScript code.
network
low complexity
oscommerce CWE-79
6.1
6.1
2018-11-06 CVE-2018-18966 Unspecified vulnerability in Oscommerce Online Merchant 2.3.4.1
osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page.
network
low complexity
oscommerce
4.9
4.9
2018-11-06 CVE-2018-18965 Unspecified vulnerability in Oscommerce Online Merchant 2.3.4.1
osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page.
network
low complexity
oscommerce
4.9
4.9
2018-11-06 CVE-2018-18964 Unspecified vulnerability in Oscommerce Online Merchant 2.3.4.1
osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page.
network
low complexity
oscommerce
4.9
4.9