Filtered by vendor Sandoba
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-13001 | 1 Sandoba | 1 Cp\ | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS issue was discovered in Sandoba CP:Shop v2016.1. The vulnerability is located in the `admin.php` file of the `./cpshop/` module. Remote attackers are able to inject their own script codes to the client-side requested vulnerable web-application parameters. The attack vector of the vulnerability is non-persistent and the request method to inject/execute is GET with the path, search, rename, or dir parameter. | |||||