Vulnerabilities > Early Impact > Productcart > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2174 | Multiple vulnerability in EarlyImpact ProductCart Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbitrary Javascript via the redirectUrl parameter. network early-impact | 4.3 |
| 2004-12-31 | CVE-2004-2173 | Multiple vulnerability in EarlyImpact ProductCart SQL injection vulnerability in advSearch_h.asp in EarlyImpact ProductCart allows remote attackers to execute arbitrary SQL commands via the priceUntil parameter. | 7.5 |
| 2003-12-31 | CVE-2003-1304 | Unspecified vulnerability in Early Impact Productcart EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information via a direct request. | 5.0 |