Vulnerabilities > Turnkey Solutions > Sunshop Shopping Cart > 3.0

DATE	CVE	VULNERABILITY TITLE	RISK
2006-05-01	CVE-2006-2124	Cross-Site Scripting vulnerability in SunShop Shopping Cart 3.0/3.5 Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prevaction, (2) previd, (3) prevstart, (4) itemid, (5) id, and (6) action parameters in index.php. network turnkey-solutions	5.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.