Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-2476 | 1 Naxtor | 1 Shopping Cart | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxtor Shopping Cart 1.0 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | |||||
CVE-2005-2477 | 1 Naxtor | 1 Shopping Cart | 2024-02-04 | 5.0 MEDIUM | N/A |
shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a "'" (single quote), which reveals the path in an error message, possibly due to an SQL injection vulnerability. |