CVE-2018-18572

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-18572

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-18572.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-18572

Published

2019-08-22T15:15:11.967Z

Modified

2026-04-10T04:08:43.806207Z

Severity

7.2 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions (such as .phtml and .php5) didn't execute in the application. But this filter didn't prevent the '.pht' extension. Thus, remote authenticated administrators can upload '.pht' files for arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=new_product URI.

References

https://github.com/osCommerce/oscommerce2/issues/631

Affected packages

Git / github.com/oscommerce/oscommerce2

Affected ranges

Type

GIT

Repo

https://github.com/oscommerce/oscommerce2

Events

Introduced

Last affected

94e9e9efe7994bf88d8ade2e64881b4bfe1745d4

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.3.4.1"
        }
    ]
}

Affected versions

v2.*

v2.2ms2-060817

v2.2rc1

v2.2rc2

v2.2rc2a

v2.3.4

v2.3.4.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-18572.json"