IDCVSSSummaryLast (major) updatePublished
CVE-2007-2968 4.3
Cross-site scripting (XSS) vulnerability in register.php in cpCommerce 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter (Full Name field).
16-10-2018 - 16:46 01-06-2007 - 01:30
CVE-2007-2890 7.5
SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id_category parameter.
11-10-2017 - 01:32 30-05-2007 - 01:30
CVE-2008-4121 4.3
Multiple cross-site scripting (XSS) vulnerabilities in cpCommerce before 1.2.4 allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter in a search.quick action to search.php and (2) the name parameter in a sendtofri
11-10-2018 - 20:50 21-10-2008 - 18:00
CVE-2008-4637 4.3
Cross-site scripting (XSS) vulnerability in cpCommerce before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors in the advanced search feature. NOTE: this is probably a variant of CVE-2008-4121. Patch Informati
08-08-2017 - 01:32 21-10-2008 - 18:00
Back to Top Mark selected
Back to Top