Amazing Flash Commerce : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in Amazing Flash AFCommerce Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the "new review" text box.
Max CVSS
4.3
EPSS Score
0.92%
Published
2006-07-24
Updated
2018-10-17
SQL injection vulnerability in Amazing Flash AFCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the search field. NOTE: the vendor has disputed this issue, stating "if someone were to type in any sql injection code, that code would never be queried.
Max CVSS
7.5
EPSS Score
0.80%
Published
2006-07-24
Updated
2024-03-21
2 vulnerabilities found