Vulnerabilities > Candypress

DATE	CVE	VULNERABILITY TITLE	RISK
2007-10-23	CVE-2007-5629	Cross-Site Scripting vulnerability in Candypress Store 4.1 Cross-site scripting (XSS) vulnerability in admin/logon.asp in ShoppingTree CandyPress Store 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different vector than CVE-2007-2804. network candypress CWE-79	4.3
2007-05-22	CVE-2007-2804	Cross-Site Scripting vulnerability in CandyPress Store ProdList.ASP Multiple cross-site scripting (XSS) vulnerabilities in scripts/prodList.asp in CandyPress Store 3.5.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) brand and (2) Msg parameters. network candypress	4.3

Vulnerabilities > Candypress {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Candypress"}]}