Vulnerabilities > Storesprite

DATE	CVE	VULNERABILITY TITLE	RISK
2014-07-02	CVE-2014-3737	Cross-Site Scripting vulnerability in Storesprite Cross-site scripting (XSS) vulnerability in templates/defaultheader.php in Lamp Design Storesprite before 7 - 19-06-14, when using the currency selection dropdown, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to brand.php, related to the currencyUrl function. network high complexity storesprite CWE-79	2.6
2007-08-13	CVE-2007-4307	Cross-Site Scripting vulnerability in Storesprite 7 Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to (1) addaddress.php, (2) editshipdetails.php, (3) register.php, or (4) login.php in secure/. network storesprite	4.3

Vulnerabilities > Storesprite {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Storesprite"}]}