Random ramblings in Infosec

osCommerce v2.x SQL Injection Vulnerability

Hello everyone hatj

This is my first writeup and i would like to start it with the 0day vulnerability that i’ve found recently in osCommerce the well known open-source commerce web application .

it wasn’t a very easy task for me to find a vulnerability in the oscommerce as it’s an open source and being developed for many years but i always like accepting the tough challenges so i wanted to start playing with it.

Read More