7 matches found
EUVD-2008-4724
Malware in sbrugna...
Scripts4Profit DXShopCart 4.30 'pid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30772/info DXShopCart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in Scripts4Profit DXShopCart 4.30mc allows remote attackers to inject arbitrary web script or HTML via the keyword parameter...
CVE-2008-5119
CVE-2008-5119 describes an Cross-site scripting (XSS) vulnerability in the PHP script search.php of Scripts4Profit DXShopCart 4.30mc. The issue allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. The NVD entry lists a MEDIUM severity (CVSS v2.0: 4.3) with net...
CVE-2008-4744
SQL injection vulnerability in productdetail.php in DXShopCart 4.30mc allows remote attackers to execute arbitrary SQL commands via the pid parameter...
Sql injection
SQL injection vulnerability in productdetail.php in DXShopCart 4.30mc allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2008-4744
SQL injection vulnerability in productdetail.php in DXShopCart 4.30mc allows remote attackers to execute arbitrary SQL commands via the pid parameter...