EUVD-2014-3680

Malware in sbrugna...

EUVD-2007-4290

Malware in sbrugna...

Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite

Advisory ID: HTB23215 Product: Storesprite Vendor: Lamp Design Limited Vulnerable Versions: 7 and probably prior Tested Version: 7 Advisory Publication: May 14, 2014 without technical details Vendor Notification: May 14, 2014 Vendor Patch: June 19, 2014 Public Disclosure: June 25, 2014...

CVE-2014-3737

Cross-site scripting XSS vulnerability in templates/defaultheader.php in Lamp Design Storesprite before 7 - 19-06-14, when using the currency selection dropdown, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to brand.php, related to the currencyUrl function...

Cross site scripting

Cross-site scripting XSS vulnerability in templates/defaultheader.php in Lamp Design Storesprite before 7 - 19-06-14, when using the currency selection dropdown, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to brand.php, related to the currencyUrl function...

CVE-2014-3737

CVE-2014-3737 is a reflected XSS in Storesprite (Lamp Design Limited) via templates/defaultheader.php, exploitable when using the currency selection dropdown that triggers URI PATH_INFO to brand.php. Affects Storesprite v7 and likely earlier; vendor patch released on 2014-06-19 to fix the issue (...

CVE-2014-3737

Cross-site scripting XSS vulnerability in templates/defaultheader.php in Lamp Design Storesprite before 7 - 19-06-14, when using the currency selection dropdown, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to brand.php, related to the currencyUrl function...

Storesprite 7 Cross Site Scripting

Advisory ID: HTB23215 Product: Storesprite Vendor: Lamp Design Limited Vulnerable Versions: 7 and probably prior Tested Version: 7 Advisory Publication: May 14, 2014 without technical details Vendor Notification: May 14, 2014 Vendor Patch: June 19, 2014 Public Disclosure: June 25, 2014...

Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite

High-Tech Bridge Security Research Lab discovered XSS vulnerability in Storesprite, which can be exploited to perform Cross-Site Scripting attacks. 1 Reflected Cross-Site Scripting XSS in Storesprite: CVE-2014-3737 The vulnerability exists due to insufficient sanitisation of user-supplied data in...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to 1 addaddress.php, 2 editshipdetails.php, 3 register.php, or 4 login.php in secure/...

CVE-2007-4307

Storesprite 7 and earlier suffer multiple XSS vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via the next parameter to addaddress.php, editshipdetails.php, register.php, or login.php in the secure/ path. The affected component is the web application Storesprite...

CVE-2007-4307

Multiple cross-site scripting XSS vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to 1 addaddress.php, 2 editshipdetails.php, 3 register.php, or 4 login.php in secure/...

Storesprite XSS vuln.

Storesprite XSS vuln. Vuln. discovered by : r0t Date: 10 August 2007 vendor:http://www.storesprite.com/ orginal advisory: http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html affected versions:Storesprite 7 and previous Storesprite contains a flaw that allows a remote Cross-Site...