Sledge

**Name of the Vulnerable Software and Affected Versions** Amazing Flash AFCommerce Shopping Cart (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands via the search field, potentially leading to unauthorized access or data manipulation. However, the vendor has disputed this issue, stating that any SQL injection code entered would never be queried. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Amazing Flash AFCommerce Shopping Cart (affected versions not specified) **Description** The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the "new review" text box. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.