Signature Detail

Short Name	HTTP:PHP:OSCOMMERCE-ADMIN
Severity	Medium
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	osCommerce Online Merchant Admin Console Remote Privilege Escalation
Release Date	2011/12/14
Update Number	2047
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: osCommerce Online Merchant Admin Console Remote Privilege Escalation

This signature detects attempts to exploit a known vulnerability in the osCommerce Online Merchant Admin Console. osCommerce version 2.2 RC2a is vulnerable. Authenticated attackers can send a maliciously crafted parameter to file_manager.php to escalate their user prvileges.

References

URL: http://www.oscommerce.com/

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: osCommerce Online Merchant Admin Console Remote Privilege Escalation

References