CVE-2005-0908

Properties

Published:
27.03.2005
Updated:
20.10.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:N/I:C/A:N/B:N) Approximated
    Product:
    Valdersoft: Valdersoft Shopping Cart

    Vulnerability description

    Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to index.php or (2) the searchTopCategoryID parameter to search_result.php.

    References:

    MISC: http://securitytracker.com/id?1013565
    BUGTRAQ: http://www.securityfocus.com/archive/1/394406/2005-03-26/2005-04-01/2