VYPR
Unrated severityNVD Advisory· Published Dec 15, 2005· Updated Jun 16, 2026

CVE-2005-4248

CVE-2005-4248

Description

Multiple cross-site scripting (XSS) vulnerabilities in QuickPayPro 3.1 allow remote attackers to inject arbitrary web script or HTML via various fields, such as those in (1) communication/subscribers.tracking.add.php, (2) support/tickets.add.php, and (3) mycompany/categories.php.

Affected products

2
  • cpe:2.3:a:quickpaypro:quickpaypro:3.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:quickpaypro:quickpaypro:3.1:*:*:*:*:*:*:*
    • (no CPE)range: =3.1

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.