EUVD-2004-0301

Malware in sbrugna...

Ecommerce Corporation Online Store Kit 3.0 More.PHP id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/9676/info Multiple vulnerabilities have been identified in the software due to improper sanitization of user-supplied input. Successful exploitation of these issues could allow an attacker to carry out cross-site scriptin...

Ecommerce Corporation Online Store Kit 3.0 More.PHP XSS

No description provided by source. source: http://www.securityfocus.com/bid/9676/info Multiple vulnerabilities have been identified in the software due to improper sanitization of user-supplied input. Successful exploitation of these issues could allow an attacker to carry out cross-site scriptin...

runt-communications Design - property_more.php SQL Injection

runt-communications Design - propertymore.php SQL Injection ------------------------------------------------------------------------------------------- runt-communications Design propertymore.php SQL Injection Vulnerability...

CVE-2004-0301

CVE-2004-0301 is an XSS vulnerability in Online Store Kit 3.0, specifically in more.php via the id parameter. The root cause is insufficient input sanitization of the id value, allowing remote attackers to inject arbitrary HTML. Impact is described as partial confidentiality, integrity, and avail...

eCommerce Corporation Online Store Kit 3.0 - 'More.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/9676/info Multiple vulnerabilities have been identified in the software due to improper sanitization of user-supplied input. Successful exploitation of these issues could allow an attacker to carry out cross-site scripting and SQL injection attacks via th...