From 896343be128678e07d0c2166d7444d906a0f4f55 Mon Sep 17 00:00:00 2001 From: Noam Rathaus Date: Sun, 12 Sep 2021 12:41:33 +0300 Subject: [PATCH] Clarify description --- vulnerabilities/oscommerce/oscommerce-rce.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/oscommerce/oscommerce-rce.yaml b/vulnerabilities/oscommerce/oscommerce-rce.yaml index 5f888337fc..f359c42b11 100644 --- a/vulnerabilities/oscommerce/oscommerce-rce.yaml +++ b/vulnerabilities/oscommerce/oscommerce-rce.yaml @@ -3,7 +3,7 @@ id: oscommerce-rce info: author: Suman_Kar name: osCommerce 2.3.4.1 - Remote Code Execution - description: Exploiting the install.php finish process by injecting php payload into the db_database parameter & read the system command output from configure.php + description: A vulnerability in osCommerce's install.php allows remote unauthenticated attackers to injecting PHP code into the db_database parameter, and subsequently use the configure.php page to to read the command's executed output reference: https://www.exploit-db.com/exploits/50128 severity: high tags: rce,oscommerce
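Review bot: The added `description:` line has two grammar slips that will ship in the template metadata: "attackers to injecting PHP code" should read "attackers to inject PHP code", and "configure.php page to to read" repeats "to". The closing phrase "the command's executed output" is also awkward. Suggested wording: "A vulnerability in osCommerce's install.php allows remote unauthenticated attackers to inject PHP code into the db_database parameter and subsequently use the configure.php page to read the output of the executed command". The rewrite also drops the old text's mention of the install.php "finish process"; consider keeping it, since it tells a defender which installer step is exposed.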