happymall-adv.txt

Happymall E-Commerce Directory Transversal Bug and Cross-site scripting Vendor: Happycgi.com Product: Happymall Versions: 4.3, 4.4 patched version too 'normalhtml.cgi' doesn't filter user-supplied input. The well-known directory transversal and cross-site scripting XSS vulnerabilities are present...

One more flaw in Happymall

Happymall E-Commerce Directory Transversal Bug and Cross-site scripting Vendor: Happycgi.com Product: Happymall Versions: 4.3, 4.4 patched version too 'normalhtml.cgi' doesn't filter user-supplied input. The well-known directory transversal and cross-site scripting XSS vulnerabilities are present...

CVE-2003-0243

Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the 1 normalhtml.cgi or 2 memberhtml.cgi scripts...