RSS   Vulnerabilities for 'Ecommerce'   RSS

2012-08-20
 
CVE-2012-4236

CWE-79
 
 
Cross-site scripting (XSS) vulnerability in the refresh_page function in application/modules/_main/views/_top.php in Total Shop UK eCommerce Open Source before 2.1.2_p1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

 

Copyright 2024, cxsecurity.com

 

Back to Top