Required CVE Record Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in (a) search.php, (b) search_cat.php, (c) search_price.php, and (d) product_details.php in the cosmicshop directory for CosmicShoppingCart allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, as demonstrated by the (1) query parameter in search.php and the (2) data parameter in search_cat.php.
References 11 Total
- osvdb.org: 26092 vdb-entry
- osvdb.org: 26091 vdb-entry
- securityfocus.com: 18709 vdb-entry
- exchange.xforce.ibmcloud.com: cosmicshoppingcart-search-xss(26681) vdb-entry
- http://www.zone-h.org/advisories/read/id=9058
- securitytracker.com: 1016164 vdb-entry
- archives.neohapsis.com: 20060526 ZH2006-20 SA: CosmicShoppingCart Multiple Vulnerabilities mailing-list
- secunia.com: 20272 third-party-advisory
- osvdb.org: 26093 vdb-entry
- vupen.com: ADV-2006-1984 vdb-entry
- osvdb.org: 26090 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 11 Total
- osvdb.org: 26092 vdb-entryx_transferred
- osvdb.org: 26091 vdb-entryx_transferred
- securityfocus.com: 18709 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: cosmicshoppingcart-search-xss(26681) vdb-entryx_transferred
- http://www.zone-h.org/advisories/read/id=9058 x_transferred
- securitytracker.com: 1016164 vdb-entryx_transferred
- archives.neohapsis.com: 20060526 ZH2006-20 SA: CosmicShoppingCart Multiple Vulnerabilities mailing-listx_transferred
- secunia.com: 20272 third-party-advisoryx_transferred
- osvdb.org: 26093 vdb-entryx_transferred
- vupen.com: ADV-2006-1984 vdb-entryx_transferred
- osvdb.org: 26090 vdb-entryx_transferred