Heap
21-03-09, 03:18
Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop 1.1.0.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/login.php and (2) order.php.
More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6503)
More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-6503)