Store Kit

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2004-0301	Ecommerce Corporation Online Store Kit		0.03	—	0.01		Nov 23, 2004	Cross-site scripting (XSS) vulnerability in more.php for Online Store Kit 3.0 allows remote attackers to inject arbitrary HTML via the id parameter.
CVE-2004-0300	Ecommerce Corporation Online Store Kit		0.03	—	0.03		Nov 23, 2004	SQL injection vulnerability in Online Store Kit 3.0 allows remote attackers to inject arbitrary SQL and gain unauthorized access via (1) the cat parameter in shop.php, (2) the id parameter in more.php, (3) the cat_manufacturer parameter in shop_by_brand.php, or (4) the id…

CVE-2004-0301Nov 23, 2004
Ecommerce Corporation Online
Store Kit
risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in more.php for Online Store Kit 3.0 allows remote attackers to inject arbitrary HTML via the id parameter.
CVE-2004-0300Nov 23, 2004
Ecommerce Corporation Online
Store Kit
risk 0.03cvss —epss 0.03
SQL injection vulnerability in Online Store Kit 3.0 allows remote attackers to inject arbitrary SQL and gain unauthorized access via (1) the cat parameter in shop.php, (2) the id parameter in more.php, (3) the cat_manufacturer parameter in shop_by_brand.php, or (4) the id…