RSS   Podatności dla 'Xt-commerce'   RSS

2009-02-03
 
CVE-2008-6045

CWE-287
 

 
Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and earlier allows remote attackers to hijack web sessions by setting the XTCsid parameter.

 
 
CVE-2008-6044

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in advanced_search_result.php in xt:Commerce 3.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.

 

 >>> Vendor: Xt-commerce 3 Produkty
Xt-commerce community made shopping
Xt-commerce
XT


Copyright 2020, cxsecurity.com

 

Back to Top