MidnightBSD

Advisories for myezshop

CVE-2005-4571 MEDIUM

Cross-site scripting (XSS) vulnerability in myEZshop Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the Keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
myezshop myezshop_shopping_cart *
CVE-2005-4572 HIGH

Multiple SQL injection vulnerabilities in myEZshop Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) GroupsId and (2) ItemsId parameters in admin.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
myezshop myezshop_shopping_cart *