4 matches found
CVE-2010-1590
Cross-site scripting XSS vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to inject arbitrary web script or HTML via the client's DNS hostname aka the REMOTEHOST variable, related to the CookielessGenerateFilename an...
Cross site scripting
Cross-site scripting XSS vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to inject arbitrary web script or HTML via the client's DNS hostname aka the REMOTEHOST variable, related to the CookielessGenerateFilename an...
CVE-2010-1590
Cross-site scripting XSS vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to inject arbitrary web script or HTML via the client's DNS hostname aka the REMOTEHOST variable, related to the CookielessGenerateFilename an...
CVE-2010-1589
The CVE-2010-1589 entry concerns Rocksalt International VP-ASP Shopping Cart, version 6.50 and earlier, with a directory traversal vulnerability in shopsessionsubs.asp. The issue arises from manipulation of the REMOTE_HOST (DNS hostname) variable, linked to CookielessGenerateFilename and Cookiele...