CVE-2007-2804

2007-05-22T15:30:00
ID CVE-2007-2804
Type cve
Reporter NVD
Modified 2017-07-28T21:31:44

Description

Multiple cross-site scripting (XSS) vulnerabilities in scripts/prodList.asp in CandyPress Store 3.5.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) brand and (2) Msg parameters.