3 matches found
EUVD-2008-5098
Malware in sbrugna...
Scripts4Profit DXShopCart 4.30 'pid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30772/info DXShopCart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...
CVE-2008-5119
CVE-2008-5119 describes an Cross-site scripting (XSS) vulnerability in the PHP script search.php of Scripts4Profit DXShopCart 4.30mc. The issue allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. The NVD entry lists a MEDIUM severity (CVSS v2.0: 4.3) with net...