← Back

Aspdotnetstorefront

aspdotnetstorefront

3 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Aspdotnetstorefront
aspdotnetstorefront
3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2004-2701
1Aspdotnetstorefront
1Aspdotnetstorefront
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in signin.aspx for AspDotNetStorefront 3.3 allows remote attackers to inject arbitrary web script or HTML via the returnurl parameter.
CVE-2004-2700
1Aspdotnetstorefront
1Aspdotnetstorefront
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
9.0 HIGH· v2
Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx.
CVE-2004-2699
1Aspdotnetstorefront
1Aspdotnetstorefront
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
4.3 MEDIUM· v2
deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter.