2 matches found
CVE-2005-0270
Multiple cross-site scripting XSS vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to inject arbitrary web script or HTML via the 1 si parameter to showcat.php, 2 cat or 3 page parameter to showproduct.php, or 4 report parameter to reportproduct.php...
CVE-2005-0270
ReviewPost PHP Pro before 2.84 contains multiple XSS flaws. The vulnerabilities allow an attacker to inject arbitrary script via parameters: si in showcat.php, cat or page in showproduct.php, and report in reportproduct.php. Root cause appears to be insufficient input sanitization enabling cross-...