Quadcomm : Security Vulnerabilities, CVEs, (XSS)
Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the srkeys parameter.
Max CVSS
4.3
EPSS Score
0.20%
Published
2009-02-24
Updated
2017-09-29
Multiple cross-site scripting (XSS) vulnerabilities in (1) imagezoom.asp or (2) recommend.asp in Q-Shop allow remote attackers to execute arbitrary script and steal the user session ID via Javascript in a URL.
Max CVSS
6.8
EPSS Score
1.06%
Published
2004-12-31
Updated
2017-07-11
2 vulnerabilities found