Vulnerabilities > Ajsquare > Zeuscart > Medium

DATE CVE VULNERABILITY TITLE RISK
2015-03-11 CVE-2015-2182 Cross-site Scripting vulnerability in Ajsquare Zeuscart 4.0
Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject arbitrary web script or HTML via the (1) schltr parameter in a brands action or (2) brand parameter in a viewbrands action to index.php.
network
ajsquare CWE-79
4.3
4.3
2015-03-11 CVE-2010-5322 Cross-site Scripting vulnerability in Ajsquare Zeuscart
Cross-site scripting (XSS) vulnerability in ZeusCart 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to index.php.
network
ajsquare CWE-79
4.3
4.3
2015-03-10 CVE-2015-2184 Information Exposure vulnerability in Ajsquare Zeuscart 4.0
ZeusCart 4 allows remote attackers to obtain configuration information via a getphpinfo action to admin/, which calls the phpinfo function.
network
low complexity
ajsquare CWE-200
5.0
5.0