Vulnerabilities > Work System E Commerce

DATE CVE VULNERABILITY TITLE RISK
2008-04-16 CVE-2008-1839 Cross-Site Scripting vulnerability in Work System E-Commerce Work System E-Commerce 4.0.9
Multgiple cross-site scripting (XSS) vulnerabilities in module/main.php in WORK system e-commerce 4.0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) day, (2) month, and (3) year parameters.
4.3
2007-11-03 CVE-2007-5801 Ajax Pages Security vulnerability in Work System e-commerce
Unspecified vulnerability in WORK system e-commerce before 4.0.2 has unknown impact and attack vectors related to "Ajax pages."
network
low complexity
work-system-e-commerce
7.5
2007-03-13 CVE-2007-1423 Remote File Include vulnerability in Work System ECommerce Include_Top.PHP
Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts.
network
work-system-e-commerce
critical
9.3