CVE-2014-4302
Cross-site scripting (XSS) vulnerability in rating/rating.php in HAM3D Shop Engine allows remote attackers to inject arbitrary web script or HTML via the ID parameter.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0022 (0.2%)
Percentile: 45.1%
EPSS: 2026-05-06
Affects
ham3d:ham3d_shop_engineTechnical description
Cross-site scripting (XSS) vulnerability in rating/rating.php in HAM3D Shop Engine allows remote attackers to inject arbitrary web script or HTML via the ID parameter.
Published: 6/18/2014, 2:55:13 PM
Last modified: 5/6/2026, 10:30:45 PM