2 matches found
CVE-2006-1897
CVE-2006-1897 affects Webplus (aka talentsoft) Web+Shop 5.3.6. The vulnerability arises when the Redirect URL for the “Script Not Found” error is not configured, allowing remote attackers to cause information disclosure via the storeid parameter in store.wml within webplus.exe, revealing the path...
CVE-2006-1682
CVE-2006-1682 describes a cross-site scripting (XSS) vulnerability in webplus.exe within TalentSoft Web+Shop 5.0 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, potentially involving the webpshop/ department.wml script. The descrip...