Cactusoft: >> Cactushop >> 5.1 Security Vulnerabilities
SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter.
CVSS Score
7.5
EPSS Score
0.015
Published
2004-12-31
Cross-site scripting (XSS) vulnerability in popuplargeimage.asp in CactuShop 5.x allows remote attackers to inject arbitrary web script or HTML via the strImageTag parameter.
CVSS Score
4.3
EPSS Score
0.093
Published
2004-12-31