CVE-2008-1906
CVE-2008-1906 describes a cross-site scripting (XSS) vulnerability in cpCommerce 1.1.0, specifically in calendar.php. The issue allows remote attackers to inject arbitrary web script or HTML via the year parameter in a view.year action. The description and associated references confirm the vulner...