daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Clarify description

patch-1
Noam Rathaus 2021-09-12 12:41:33 +03:00
parent ddb2a4f54b
commit 896343be12
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
vulnerabilities/oscommerce/oscommerce-rce.yaml
View File

@ -3,7 +3,7 @@ id: oscommerce-rce
info:
author: Suman_Kar
name: osCommerce 2.3.4.1 - Remote Code Execution
description: Exploiting the install.php finish process by injecting php payload into the db_database parameter & read the system command output from configure.php
description: A vulnerability in osCommerce's install.php allows remote unauthenticated attackers to injecting PHP code into the db_database parameter, and subsequently use the configure.php page to to read the command's executed output
reference: https://www.exploit-db.com/exploits/50128
severity: high
tags: rce,oscommerce