2 matches found
CVE-2018-20564
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/productcategory.php?rec=update has XSS via the catname parameter...
CVE-2018-20564
CVE-2018-20564 affects DouCo DouPHP 1.5 20181221. The issue is a cross-site scripting (XSS) vulnerability in admin/product_category.php?rec=update via the bidirectional cat_name parameter. The root cause is improper handling of input in that parameter, leading to script injection and potential cl...