exploitDog

CVE-2009-4688

Опубликовано: 10 мар. 2010

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Shopping Cart Selling Website Script allow remote attackers to inject arbitrary web script or HTML via the (1) txtkeywords and (2) cid parameters.

Ссылки

http://packetstormsecurity.org/0907-exploits/scsc-sqlxss.txt
Exploit
http://secunia.com/advisories/35894
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1977
Vendor Advisory
http://packetstormsecurity.org/0907-exploits/scsc-sqlxss.txt
Exploit
http://secunia.com/advisories/35894
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1977
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:resalecode:php_shopping_cart_selling_website_script:*:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00851

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-72cm-h79h-7p2p

github

почти 4 года назад

Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Shopping Cart Selling Website Script allow remote attackers to inject arbitrary web script or HTML via the (1) txtkeywords and (2) cid parameters.

EPSS

Процентиль: 74%

0.00851

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79