Описание
Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote attackers to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in owProductDetail.asp.
Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote attackers to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in owProductDetail.asp.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-1162
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20096
- http://marc.info/?l=bugtraq&m=111352017704126&w=2
- http://secunia.com/advisories/14969
- http://securitytracker.com/id?1013720
- http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab
- http://www.osvdb.org/15521
- http://www.osvdb.org/15522
- http://www.osvdb.org/15523
- http://www.securityfocus.com/bid/13184
- http://www.securityfocus.com/bid/13185
- http://www.securityfocus.com/bid/13186
EPSS
CVE ID
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote attackers to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in owProductDetail.asp.
EPSS