2 matches found
CVE-2013-7317
CVE-2013-7317 affects CS-Cart prior to 4.1.1 and involves cross-site scripting (XSS) via the vulnerable parameters settings_file and data_file to the SWF files ampie.swf, amline.swf, or amcolumn.swf. The issue allows remote attackers to inject arbitrary script/HTML in the context of the user’s br...
CS-Cart version 4.0.2 contains cross-site scripting vulnerabilities
Overview CS-Cart version 4.0.2 and possibly earlier versions contain cross-site scripting XSS vulnerabilities CWE-79. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' CS-Cart version 4.0.2 and possibly earlier versions contain cross-site...