CVE-2014-8377
The CVE-2014-8377 entry describes a Cross-site scripting (XSS) vulnerability in Webasyst Shop-Script 5.2.2.30933. The flaw allows remote attackers to inject arbitrary web script or HTML via the phone number field in a new contact to phpecom/index.php/webasyst/contacts/. Impact is partial integrit...