VYPR
Unrated severityNVD Advisory· Published Apr 22, 2010· Updated Jun 16, 2026

CVE-2010-1486

CVE-2010-1486

Description

Multiple cross-site scripting (XSS) vulnerabilities in _invoice.asp in CactuShop before 6.155 allow remote attackers to inject arbitrary web script or HTML via the (1) billing address or (2) shipping address.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10
  • Cactusoft/Cactushop10 versions
    cpe:2.3:a:cactushop:cactushop:*:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:cactushop:cactushop:*:*:*:*:*:*:*:*range: <=6.1
    • cpe:2.3:a:cactushop:cactushop:3:*:*:*:*:*:*:*
    • cpe:2.3:a:cactushop:cactushop:4:*:*:*:*:*:*:*
    • cpe:2.3:a:cactushop:cactushop:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:cactushop:cactushop:4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:cactushop:cactushop:4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:cactushop:cactushop:4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:cactushop:cactushop:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cactushop:cactushop:5.1:*:*:*:*:*:*:*
    • (no CPE)range: <6.155

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.