CVE-2005-4314

Опубликовано: 17 дек. 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters.

Ссылки

http://pridels0.blogspot.com/2005/12/ppcal-shopping-cart-xss.html
http://secunia.com/advisories/18032
Vendor Advisory
http://www.securityfocus.com/bid/15892
Exploit
http://www.vupen.com/english/advisories/2005/2918
http://pridels0.blogspot.com/2005/12/ppcal-shopping-cart-xss.html
http://secunia.com/advisories/18032
Vendor Advisory
http://www.securityfocus.com/bid/15892
Exploit
http://www.vupen.com/english/advisories/2005/2918

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ppcal_shopping_cart:ppcal_shopping_cart:*:*:*:*:*:*:*:*

Версия до 3.3.0 (включая)

EPSS

Процентиль: 68%

0.00584

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-f3ww-5jpf-ch84

github

почти 4 года назад