| Max CVSS | 9.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-2701 | 4.3 |
Cross-site scripting (XSS) vulnerability in signin.aspx for AspDotNetStorefront 3.3 allows remote attackers to inject arbitrary web script or HTML via the returnurl parameter.
|
29-07-2017 - 01:29 | 31-12-2004 - 05:00 | |
| CVE-2004-2699 | 4.3 |
deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter.
|
29-07-2017 - 01:29 | 31-12-2004 - 05:00 | |
| CVE-2004-2700 | 9.0 |
Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx.
|
05-09-2008 - 04:00 | 31-12-2004 - 05:00 |