Iscripts - Eswap CVE

Filtered by vendor Iscripts Subscribe

Filtered by product Eswap

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2010-5035	1 Iscripts	1 Eswap	2017-08-29	4.3 MEDIUM	N/A
Cross-site scripting (XSS) vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter (aka the search field). NOTE: some of these details are obtained from third party information.
CVE-2010-5036	1 Iscripts	1 Eswap	2017-08-29	7.5 HIGH	N/A
SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter.

Vulnerabilities (CVE)