CVE-2018-25114 | osCommerce Online Merchant 2.3.4.1 HTTP POST Requst install_4.php unrestricted upload (Exploit 44374 / EDB-44374)

A vulnerability, which was classified as critical, was found in osCommerce Online Merchant 2.3.4.1. Affected is an unknown function of the file install_4.php of the component HTTP POST Requst Handler. The manipulation leads to unrestricted upload.

This vulnerability is traded as CVE-2018-25114. It is possible to launch the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More