Vulnerabilities > Ecommerce Corporation Online

DATE CVE VULNERABILITY TITLE RISK
2004-11-23 CVE-2004-0301 Multiple vulnerability in Ecommerce Corporation Online Store KIT 3.0Lite/3.0Pro/3.0Standard
Cross-site scripting (XSS) vulnerability in more.php for Online Store Kit 3.0 allows remote attackers to inject arbitrary HTML via the id parameter.
6.8
2004-11-23 CVE-2004-0300 Multiple vulnerability in Ecommerce Corporation Online Store KIT 3.0Lite/3.0Pro/3.0Standard
SQL injection vulnerability in Online Store Kit 3.0 allows remote attackers to inject arbitrary SQL and gain unauthorized access via (1) the cat parameter in shop.php, (2) the id parameter in more.php, (3) the cat_manufacturer parameter in shop_by_brand.php, or (4) the id parameter in listing.php.
network
low complexity
ecommerce-corporation-online
critical
10.0