Vulnerabilities > Pentasoft Corp > Avactis Shopping Cart > 1.8.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-13 | CVE-2008-6969 | Cross-Site Scripting vulnerability in Pentasoft Corp. Avactis Shopping Cart 1.8.0/1.8.1 Multiple cross-site scripting (XSS) vulnerabilities in checkout.php in Avactis Shopping Cart 1.8.0 and 1.8.1 allow remote attackers to inject arbitrary web script or HTML via the (1) step_id and (2) CHECKOUT_CZ_BLOWFISH_KEY parameters. | 4.3 |