Unrated severityNVD Advisory· Published Apr 22, 2010· Updated Jun 16, 2026
CVE-2010-1486
CVE-2010-1486
Description
Multiple cross-site scripting (XSS) vulnerabilities in _invoice.asp in CactuShop before 6.155 allow remote attackers to inject arbitrary web script or HTML via the (1) billing address or (2) shipping address.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:a:cactushop:cactushop:*:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:cactushop:cactushop:*:*:*:*:*:*:*:*range: <=6.1
- cpe:2.3:a:cactushop:cactushop:3:*:*:*:*:*:*:*
- cpe:2.3:a:cactushop:cactushop:4:*:*:*:*:*:*:*
- cpe:2.3:a:cactushop:cactushop:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:cactushop:cactushop:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:cactushop:cactushop:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:cactushop:cactushop:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:cactushop:cactushop:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:cactushop:cactushop:5.1:*:*:*:*:*:*:*
- (no CPE)range: <6.155
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.