2 matches found
CVE-2004-1882
CVE-2004-1882 concerns CactuShop 5.x (ASP). The vulnerability is a cross-site scripting (XSS) flaw in the script popuplargeimage.asp, exploitable via the user-controlled parameter strImageTag . OpenVAS notes that the remote host runs CactuShop and that lack of sanitization can enable execution of...
CVE-2004-1882
Cross-site scripting XSS vulnerability in popuplargeimage.asp in CactuShop 5.x allows remote attackers to inject arbitrary web script or HTML via the strImageTag parameter...