Vulnerabilities > Shopsite
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-26 | CVE-2024-22550 | Unrestricted Upload of File with Dangerous Type vulnerability in Shopsite 14.0 An arbitrary file upload vulnerability in the component /alsdemo/ss/mediam.cgi of ShopSite v14.0 allows attackers to execute arbitrary code via uploading a crafted SVG file. | 6.1 |
2006-12-12 | CVE-2006-6485 | Cross-Site Scripting vulnerability in Shopsite 8.1 Multiple cross-site scripting (XSS) vulnerabilities in ShopSite 8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the prevlocation parameter in shopper/sc/registration.cgi and other unspecified vectors. network shopsite | 6.8 |