22 matches found
CVE-2006-2669
Multiple cross-site scripting XSS vulnerabilities in Pre Shopping Mall 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 search parameter in search.php the "search box", 2 the prodid parameter in detail.php, and the 3 cid parameter in products.php...
Sql injection
Multiple SQL injection vulnerabilities in QuickEStore 7.9 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the OrderID parameter in a shipping.cfm and b checkout.cfm, 2 ItemID parameter in c proddetail.cfm, 3 SubCatID parameter in d index.cfm, the 4 CategoryID parameter ...