History | Log In     View a printable version of the current page. Get help!  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Filter: View Edit New Manage Filter modified since launch
You are currently using a new, unsaved search.

Summary
osCommerce Core
2.2
Sorted by: Priority ascending

Operations
Save

Issue Navigator
[ Permlink ]
Displaying issues 1 to 11 of 11 matching issues. 
Current View:
Browser | Printable | XML | Full Content (HTML | Word) | Excel (All fields | Current fields) Get help!

T Key Summary Assignee Reporter Pr Status Res Created Updated Due
Improvement OSC-1005 Possible error in V2.2 RC2 Mark Evans Charles Dow Minor Closed Closed Won't Fix 03/Sep/09 07/Sep/09  
Bug OSC-1020 The osCommerce installation on the remote host has a supplementary script, 'extras/update.php', that fails to validate user-supplied input to the 'readme_file' parameter before using that to display a file. Unassigned Barbara King Minor Resolved Resolved Fixed 17/Sep/09 19/Sep/09  
Bug OSC-761 Bypass of HTTP_GET_VARS escaping in osCommerce 2.2 RC2a with clean URLs enabled Harald Ponce de Leon WR Major Closed Closed Fixed 12/Dec/08 12/Dec/08  
Bug OSC-762 Nearly arbitrary, remote code execution in osCommerce 2.2 RC2a on Windows with DNS e-mail verification enabled Harald Ponce de Leon WR Major Closed Closed Fixed 12/Dec/08 12/Dec/08  
Bug OSC-763 Script injection due to outputting unescaped PHP_SELF Harald Ponce de Leon WR Major Closed Closed Fixed 12/Dec/08 12/Dec/08  
Bug OSC-684 Information Disclosure Harald Ponce de Leon John Cobb Major Closed Closed Fixed 06/Sep/08 12/Dec/08  
Improvement OSC-963 Misspelled variable name in index.php: "cateqories_products" Mark Evans Sylvan Major Resolved Resolved Fixed 10/Jul/09 06/Sep/09  
Task OSC-960 how to add zone number to ZONE RATE on shipping methods Mark Evans roland callanta Major Resolved Resolved Cannot Reproduce 08/Jul/09 06/Sep/09  
Task OSC-999 Make osCommerce 2.2. PHP 5.3 Compatible Mark Evans Mark Evans Major Reopened Reopened UNRESOLVED 29/Aug/09 12/Oct/09  
Bug OSC-1008 Security problem: Inadequate validation of page name in admin section (higher priority) Mark Evans Jim Driscoll Critical Resolved Resolved Fixed 03/Sep/09 05/Sep/09  
Bug OSC-907 CLONE -tep_session_is_registered() flaw with array_key_exists() Harald Ponce de Leon Gatis Linins Critical Open Open UNRESOLVED 18/May/09 06/Sep/09  

This site is running on Atlassian JIRA, the Professional Issue Tracker with a free Open Source Project / Non-profit License.
Download and evaluate JIRA for your organisation.
Try Atlassian JIRA™ software for bug tracking and task tracking.
Powered by Atlassian JIRA™ the Professional Issue Tracker. (Enterprise Edition, Version: 3.6.5-#161) - Bug/feature request - Contact Administrators