CVE-2018-25114
BaseFortify

Publication date: 2025-07-23

Last updated on: 2025-07-25

Assigner: VulnCheck

Description
A remote code execution vulnerability exists within osCommerce Online Merchant version 2.3.4.1 due to insecure default configuration and missing authentication in the installer workflow. By default, the /install/ directory remains accessible after installation. An unauthenticated attacker can invoke install_4.php, submit crafted POST data, and inject arbitrary PHP code into the configure.php file. When the application later includes this file, the injected payload is executed, resulting in full server-side compromise.
Meta Information
Published: 2025-07-23
Last Modified: 2025-07-25
Generated: 2026-05-27
AI Q&A: 2025-07-23
EPSS Evaluated: 2026-05-25
Affected Vendors & Products
Showing 1 associated CPE
Vendor: oscommerce
Product: online_merchant
Version / Range: 2.3.4.1
CWE
CWE-434: The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
CWE-94: The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a remote code execution issue in osCommerce Online Merchant version 2.3.4.1. It occurs because the /install/ directory remains accessible after installation without authentication. An attacker can access install_4.php, send specially crafted POST data, and inject arbitrary PHP code into the configure.php file. When the application later includes this file, the injected code executes, allowing the attacker to fully compromise the server.


How can this vulnerability impact me?

The vulnerability can lead to full server-side compromise, meaning an attacker can execute arbitrary code on the server. This can result in unauthorized access, data theft, data manipulation, service disruption, and potentially complete control over the affected system.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, immediately restrict or remove access to the /install/ directory after installation. Ensure that the installer workflow is not accessible to unauthenticated users. Remove or secure the install_4.php script to prevent arbitrary PHP code injection into configure.php. Applying these steps will prevent attackers from exploiting the insecure default configuration and missing authentication.
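
One way to check a host for the conditions described above, as an added example that is not part of the original page or of osCommerce's own tooling: it looks for a leftover install directory that still contains install_4.php, lists configure.php files changed after a reference file, and pulls POST requests to install_4.php out of an access log. The function names, the reference-file comparison and the "combined" access-log format are assumptions, and the sample log lines are constructed.

```sh
#!/bin/sh
# Added example, not osCommerce or BaseFortify code. The web root layout and
# the Apache/nginx "combined" log format are assumptions.

# List directories named "install" under the web root ($1) that still hold
# install_4.php. Exit status 0 if any are found, 1 if the installer is gone.
find_leftover_installer() {
    find "$1" -type f -path '*/install/install_4.php' \
        -exec dirname {} \; 2>/dev/null | sort -u | grep .
}

# List configure.php files under the web root ($1) modified more recently than
# a reference file ($2), for instance one untouched since deployment.
# Anything listed is a candidate for manual review, not proof of tampering.
configure_changed_since() {
    find "$1" -type f -name 'configure.php' -newer "$2" 2>/dev/null | sort
}

# Print "client timestamp path status" for each POST to install_4.php found in
# a combined-format access log ($1). Query strings are ignored when matching.
installer_posts() {
    awk '{
        method = $6; sub(/^"/, "", method)
        path = $7;   sub(/\?.*/, "", path)
        if (method == "POST" && path ~ /\/install\/install_4\.php$/)
            print $1, substr($4, 2), path, $9
    }' "$1"
}

# Constructed log lines (documentation addresses) for trying installer_posts.
constructed_log() {
    cat <<'EOF'
192.0.2.10 - - [24/Jul/2025:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "test-agent"
198.51.100.7 - - [24/Jul/2025:10:05:40 +0000] "POST /shop/install/install_4.php?a=b HTTP/1.1" 200 812 "-" "test-agent"
192.0.2.10 - - [24/Jul/2025:10:06:00 +0000] "GET /install/install_4.php HTTP/1.1" 200 300 "-" "test-agent"
EOF
}
```

A hit from `find_leftover_installer` means the mitigation has not been applied; hits from the other two functions are leads for incident review rather than confirmation of compromise.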

