RSS   Podatności dla 'Clickcartpro'   RSS

2005-12-16
 
CVE-2005-4293

 
 
Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter.

 
2002-12-31
 
CVE-2002-2310

 
 
ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords.

 

Copyright 2024, cxsecurity.com

 

Back to Top