CVE-2008-6297

Опубликовано: 26 фев. 2009

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in order.php in DHCart allows remote attackers to inject arbitrary web script or HTML via the (1) domain and (2) d1 parameters.

Ссылки

http://lostmon.blogspot.com/2008/11/dhcart-multiple-variable-xss-and-stored.html
Exploit
http://secunia.com/advisories/32555
http://www.securityfocus.com/bid/32117
https://exchange.xforce.ibmcloud.com/vulnerabilities/46339
http://lostmon.blogspot.com/2008/11/dhcart-multiple-variable-xss-and-stored.html
Exploit
http://secunia.com/advisories/32555
http://www.securityfocus.com/bid/32117
https://exchange.xforce.ibmcloud.com/vulnerabilities/46339

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dhcart:dhcart:3.84:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01152

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-22fg-w5v8-8cqv

github

около 3 лет назад