2 matches found
CVE-2010-1464
Multiple cross-site scripting XSS vulnerabilities in WebAsyst Shop-Script FREE allow remote attackers to inject arbitrary web script or HTML via the 1 currencyidleft, 2 currencyidright, 3 darkcolor, 4 lightcolor, 5 middlecolor, and 6 w parameters...
CVE-2010-1464
The CVE-2010-1464 entry describes multiple reflected XSS vulnerabilities in WebAsyst Shop-Script FREE, exploitable via the parameters currency_id_left, currency_id_right, darkcolor, lightcolor, middlecolor, and w. The underlying issue is an XSS input handling weakness that permits remote attacker...