3 matches found
CVE-2014-3830
CVE-2014-3830 relates to a reflected XSS in TomatoCart 1.1.8.6.1, exploiting the faqs_id parameter in info.php to inject script/HTML. The description confirms the affected product/version and the vulnerability class, but the available documents do not specify a vendor patch/version for remediatio...
TomatoCart v1.x (latest-stable) Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3978 - Remote SQL Injection Vulnerability CVE-2014-3830 - Reflected Cross Site Scripting - ------------------------------------------------------------------------------ Title: TomatoCart v1.x latest-stable Remote SQL Injection Vulnerability...
TomatoCart 1.x Cross Site Scripting / SQL Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3978 - Remote SQL Injection Vulnerability CVE-2014-3830 - Reflected Cross Site Scripting - ------------------------------------------------------------------------------ Title: TomatoCart v1.x latest-stable Remote SQL Injection Vulnerability...