RSS   Vulnerabilities for 'Auction rss content script'   RSS

2009-09-15
 
CVE-2009-3195

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rss.php and (2) search.php.

 

 >>> Vendor: Jce-tech 8 Products
Searchfeed script
Auction rss content script
Php video script
Php calendars script
Affiliate master datafeed parser
Shareasale script
Overstock script
Video niche script


Copyright 2024, cxsecurity.com

 

Back to Top