Unrated severityOSV Advisory· Published Nov 6, 2018· Updated Aug 5, 2024
CVE-2018-18966
CVE-2018-18966
Description
osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but Internet Explorer render HTML elements in a .eml file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2v2.2ms2-060817, v2.2rc1, v2.2rc2, …+ 1 more
- (no CPE)range: v2.2ms2-060817, v2.2rc1, v2.2rc2, …
- (no CPE)range: = 2.3.4.1
Patches
Vulnerability mechanics
References
1- github.com/osCommerce/oscommerce2/issues/631mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.