2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in EC-CUBE Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 BetaRC 2.2.0-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17319 and earlier allows remote attackers to inject...
CVE-2008-4535
EC-CUBE has multiple cross-site scripting (XSS) vulnerabilities documented as CVE-2008-4535, CVE-2008-4536, and CVE-2008-4537. Affected versions span EC-CUBE Ver1 and Ver2 lineups (including Community Edition Nightly-Builds up to specified revisions and beta RCs). The descriptions indicate that r...