osCmax eCommerce v2.5.3
Exploitation of this vulnerability is possible via maliciously crafted URLs that contain malicious scripts. This may allow an attacker to siphon sensitive information or execute arbitrary web scripts within the context of the browser.
Exploitation of this vulnerability will grant an attacker access to the full installation path of the osCmax software on the system. This is useful for reconnaissance purposes by the attacker.
Unrestricted File Upload
This vulnerability allows an attacker to bypass certain security restrictions on the system, allowing the attacker to upload arbitrary files to the system.
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
- 31875 - osCMax Multiple Vulnerabilities (20131213) (Zero-Day)
No mitigation is available.