EUVD-2016-2306

Malware in sbrugna...

shiro8 List 跨站脚本漏洞

shiro8 List is a plugin from the Japanese company shiro8 that displays and adds addresses and phone numbers to the order list of the order owner. A cross-site scripting vulnerability exists in shiro8 List, which originates. The vulnerability exists because the affected version of the software doe...

CVE-2016-1205

Cross-site scripting XSS vulnerability in the shiro8 1 categoryfreearea additionplugin plugin 1.0 and 2 itemdetailfreearea additionplugin plugin 1.0 for EC-CUBE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the shiro8 1 categoryfreearea additionplugin plugin 1.0 and 2 itemdetailfreearea additionplugin plugin 1.0 for EC-CUBE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Shiro8 category_freearea_ addition_plugin for LOCKON EC-CUBE plugin and itemdetail_freearea_ addition_plugin for LOCKON EC-CUBE plugin Cross Site Scripting Vulnerability

LOCKON EC-CUBE is an open source e-commerce website building platform developed by LOCKON Corporation. The platform supports product login , user reviews , art layout , etc. Shiro8 categoryfreearea additionplugin and itemdetailfreearea additionplugin are Japan Shiro8 company for the EC-CUBE...

JVN#63384827: Multiple shiro8 Co., Ltd. freearea_ addition_plugins for EC-CUBE vulnerable to cross-site scripting

EC-CUBE plugin "categoryfreearea additionplugin" and "itemdetailfreearea additionplugin" provided by shiro8 Co., Ltd. contain a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the logged in user's web browser. Solution Update the Software Update to the...