5 matches found
CVE-2010-2040
Cross-site scripting XSS vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter...
CVE-2010-2040
CVE-2010-2040 is an XSS in search.php of V-EVA Shopzilla Affiliate Script PHP, exploitable via the s parameter to inject arbitrary script/HTML. Connected sources confirm the vulnerability description but do not provide concrete patch/version details or exploitation specifics. No remediation, affe...
CVE-2010-2040
Cross-site scripting XSS vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter...
Shopzilla Affiliate Script Cross Site Scripting
x Author: Andrea Bocchetti x Homepage : http://www.geekit.it // Software Info x Name : Shopzilla Affiliate Script PHP x Vendor : http://www.v-eva.com/ x Price : 70.95 USD x Exploit : http://localhost/search.php?s=XSS http://www.shopping.v-eva.com/search.php?s=%3Cscript%3Ealert/XSS/%3C/script%3E E...
Shopzilla Affiliate Script PHP - search.php Cross-Site Scripting
Shopzilla Affiliate Script PHP - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40246/info Shopzilla Affiliate Script PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...