22 matches found
DEBIAN-CVE-2007-4483
Cross-site scripting XSS vulnerability in index.php in the WordPress Classic 1.5 theme in WordPress before 2.1.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO PHPSELF...
CVE-2000-1001
CVE-2000-1001 affects Element InstantShop: the add_2_basket.asp endpoint allows remote attackers to modify price information via the hidden form variable price. The underlying issue is input/data integrity on the price field, enabling tampering before processing. The CVSS data assigns a base scor...