3 matches found
HTB22878: XSS vulnerability in CosmoShop
Vulnerability ID: HTB22878 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincosmoshop.html Product: CosmoShop Vendor: Zaunz Publishing GmbH http://www.cosmoshop.de/ Vulnerable Version: ePRO V10.05.00 Vendor Notification: 24 February 2011 Vulnerability Type: Stored XSS Cross Site...
HTB22880: XSS vulnerability in CosmoShop
Vulnerability ID: HTB22880 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincosmoshop1.html Product: CosmoShop Vendor: Zaunz Publishing GmbH http://www.cosmoshop.de/ Vulnerable Version: ePRO V10.05.00 Vendor Notification: 24 February 2011 Vulnerability Type: Stored XSS Cross Site...
Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injections
source: https://www.securityfocus.com/bid/46828/info CosmoShop is prone to multiple cross-site scripting vulnerabilities and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal...