CVE-2008-1906

Cross-site scripting (XSS) vulnerability in calendar.php in cpCommerce 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the year parameter in a view.year action.
Configurations

Configuration 1

cpe:2.3:a:cpcommerce:cpcommerce:1.1.0:*:*:*:*:*:*:*

Information

Published : 2008-04-22 04:41

Updated : 2017-09-29 01:30


NVD link : CVE-2008-1906

Mitre link : CVE-2008-1906

Products Affected
No products.
CWE