Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) a_country parameter in a process action to affiliate_signup.php or (2) entry_country_id parameter in an edit action to admin/create_account.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ol-commerce 跨站脚本漏洞
Vulnerability Description
ol-commerce是一套基于AJAX的新一代xtCommerce 2.x(电子商务购物车系统)产品。 ol-commerce 2.1.1版本中存在跨站脚本漏洞。远程攻击者可通过在affiliate_signup.php脚本执行中的‘a_country’参数或admin/create_account.php脚本编辑过程中的‘entry_country_id’参数利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A