3 matches found
Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite
Advisory ID: HTB23215 Product: Storesprite Vendor: Lamp Design Limited Vulnerable Versions: 7 and probably prior Tested Version: 7 Advisory Publication: May 14, 2014 without technical details Vendor Notification: May 14, 2014 Vendor Patch: June 19, 2014 Public Disclosure: June 25, 2014...
CVE-2014-3737
CVE-2014-3737 is a reflected XSS in Storesprite (Lamp Design Limited) via templates/defaultheader.php, exploitable when using the currency selection dropdown that triggers URI PATH_INFO to brand.php. Affects Storesprite v7 and likely earlier; vendor patch released on 2014-06-19 to fix the issue (...
Storesprite 7 Cross Site Scripting
Advisory ID: HTB23215 Product: Storesprite Vendor: Lamp Design Limited Vulnerable Versions: 7 and probably prior Tested Version: 7 Advisory Publication: May 14, 2014 without technical details Vendor Notification: May 14, 2014 Vendor Patch: June 19, 2014 Public Disclosure: June 25, 2014...