Vulnerabilities > Valdersoft > Valdersoft Shopping Cart > 3.0

DATE	CVE	VULNERABILITY TITLE	RISK
2006-01-06	CVE-2006-0099	Remote File Include vulnerability in Valdersoft Shopping Cart 3.0 PHP remote file include vulnerability in (1) include/templates/categories/default.php and (2) certain other include/templates/categories/ PHP scripts in Valdersoft Shopping Cart 3.0 allows remote attackers to execute arbitrary code via a URL in the catalogDocumentRoot parameter. network low complexity valdersoft	7.5
2005-03-28	CVE-2005-0908	Cross-Site Scripting vulnerability in Valdersoft Shopping Cart 3.0 Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to index.php or (2) the searchTopCategoryID parameter to search_result.php. network valdersoft	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.