RSS   Vulnerabilities for 'E-commerce asp engine'   RSS

2004-12-31
 
CVE-2004-2123

 

 
Multiple cross-site scripting (XSS) vulnerabilities in Nextplace.com E-Commerce ASP Engine allow remote attackers to inject arbitrary web script or HTML via the (1) level parameter of productdetail.asp, (2) searchKey parameter of searchresults.asp, and possibly (3) level parameter of ListCategories.asp.

 


Copyright 2024, cxsecurity.com

 

Back to Top