Vulnerabilities > Naxtor
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-05 | CVE-2005-2477 | SQL Injection vulnerability in Naxtor Shopping Cart 1.0 shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a "'" (single quote), which reveals the path in an error message, possibly due to an SQL injection vulnerability. | 5.0 |
2005-08-05 | CVE-2005-2476 | Cross-Site Scripting vulnerability in Naxtor Shopping Cart 1.0 Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxtor Shopping Cart 1.0 allows remote attackers to inject arbitrary web script or HTML via the email parameter. network naxtor | 4.3 |