BestShopPro is prone to cross-site scripting and SQL-injection vulnerabilities because it fails to sufficiently sanitize user- supplied data. Exploiting these issues could allow an attacker to steal cookie- based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
- DD-WRT '/Info.live.htm' Multiple Information Disclosure Vulnerabilities
- BasiliX Attachment Disclosure Vulnerability
- Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
- Atlassian Confluence Multiple Cross Site Scripting Vulnerabilities
- phpLDAPadmin 'server_id' Parameter Cross Site Scripting Vulnerabilities