RSS   Vulnerabilities for 'Webstores 2000'   RSS

2004-11-23
 
CVE-2004-0305

 
 
Cross-site scripting (XSS) vulnerability in error.asp in WebCortex WebStores 2000 6.0 allows remote attackers to execute arbitrary script as other users and steal session IDs via the Message_id parameter.

 
 
CVE-2004-0304

 
 
SQL injection vulnerability in browse_items.asp in WebCortex WebStores 2000 6.0 allows remote attackers to gain unauthorized access and execute arbitrary commands via the Search_Text parameter.

 

Copyright 2024, cxsecurity.com

 

Back to Top