CVE-2009-4046

Multiple SQL injection vulnerabilities in FrontAccounting FA 2.2.x before 2.2 RC allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 bankaccounts.php, 2 currencies.php, 3 exchangerates.php, 4 glaccounttypes.php, and 5 glaccounts.php in gl/manage/; and 6...

CE Phoenix 跨站脚本漏洞

CE Phoenix is a powerful e-commerce store from Phoenix Cart open source. A cross-site scripting vulnerability exists in CE Phoenix version v3.0.1, which stems from the presence of stored cross-site scripting in the Currency Management Panel that could lead to the execution of arbitrary JavaScript...