Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) category and (2) list_quantity parameters to index.php, and the (3) category parameter to your.order.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dragonfrugal dfd cart 1.192 |
||
dragonfrugal dfd cart 1.194 |
||
dragonfrugal dfd cart 1.193 |
||
dragonfrugal dfd cart 1.195 |
||
dragonfrugal dfd cart 1.196 |
||
dragonfrugal dfd cart 1.197 |
||
dragonfrugal dfd cart |
||
dragonfrugal dfd cart 1.1.4 |
||
dragonfrugal dfd cart 1.1.5 |
||
dragonfrugal dfd cart 1.1.6 |
||
dragonfrugal dfd cart 1.1.7 |
||
dragonfrugal dfd cart 1.1.8 |