Multiple cross-site scripting (XSS) vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop 2 allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO (query string) to (1) sendmail.php or (2) order_form.php, different vectors than CVE-2006-6734.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
obie website mini web shop 2 |