2 matches found
CVE-2011-5104
Cross-site scripting XSS vulnerability in wpsc-admin/display-sales-logs.php in WP e-Commerce plugin 3.8.7.1 and possibly earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the customtext parameter. NOTE: some of these details are obtained from third party...
CVE-2011-5104
CVE-2011-5104 affects the WP e-Commerce plugin (WordPress) in the file wpsc-admin/display-sales-logs.php with a vulnerability in the custom_text parameter, allowing remote attackers to inject arbitrary script/HTML (XSS). The issue is observed in WP e-Commerce 3.8.7.1 and possibly earlier. Remedia...