|
|
CVE Reference: CVE-2006-2649 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2649 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in (a) search.php, (b) search_cat.php, (c) search_price.php, and (d) product_details.php in the cosmicshop directory for CosmicShoppingCart allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, as demonstrated by the (1) query parameter in search.php and the (2) data parameter in search_cat.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/26681 ST 1016164 SAID Secunia Advisory: SA20272 OSVDB 26090 26092 26093 26091 MISC http://www.zone-h.org/advisories/read/id=9058 FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0683.html BID 18709 |
|
| Return to the previous page. |
