CVE-2014-4302
HAM3D Shop Engine CMS is affected by CVE-2014-4302: an XSS vulnerability in rating/rating.php allows injecting arbitrary scripts via the ID parameter. The issue is documented with a base CVSS v2 score of 4.3 (MEDIUM) and vector AV:N/AC:M/Au:N/C:N/I:P/A:N. Connected sources (NVD, Red Hat, OpenVAS)...