2 matches found
CVE-2004-2109
CVE-2004-2109 describes multiple cross-site scripting (XSS) vulnerabilities in the Q-Shop application, specifically in the components (1) imagezoom.asp and (2) recommend.asp. The attacker can leverage these flaws to execute arbitrary JavaScript in a victim’s browser and potentially steal the user...
CVE-2004-2109
Multiple cross-site scripting XSS vulnerabilities in 1 imagezoom.asp or 2 recommend.asp in Q-Shop allow remote attackers to execute arbitrary script and steal the user session ID via Javascript in a URL...