CVE-2005-1162 Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote attackers to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp (2) bSub parameter to owListProduct.asp or the (3) Name (4) Email or (5) Comment fields in owProductDetail.asp.
Reference
http://marc.info/?l=bugtraq&m=111352017704126&w=2 http://secunia.com/advisories/14969 http://securitytracker.com/id?1013720 http://www.oneworldstore.com/support_security_issue_updates.aspApril_15_2005_DCrab http://www.osvdb.org/15521 http://www.osvdb.org/15522 http://www.osvdb.org/15523 http://www.securityfocus.com/bid/13184 http://www.securityfocus.com/bid/13185 http://www.securityfocus.com/bid/13186 https://exchange.xforce.ibmcloud.com/vulnerabilities/20096
Share on: