CVE-2005-4530 Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Enterprise 3.0 (formerly DoPays) allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters in (1) profile.htm (2) card.htm (3) bank.htm (4) subscriptions.htm (5) send.htm (6) request.htm (7) forgot.htm (8) escrow.htm (9) donations.htm and (10) products.htm.
Reference
http://pridels0.blogspot.com/2005/12/alstrasoft-epay-enterprise-v30-xss.html http://secunia.com/advisories/18153 http://www.osvdb.org/21883 http://www.osvdb.org/21884 http://www.osvdb.org/21885 http://www.osvdb.org/21886 http://www.osvdb.org/21887 http://www.osvdb.org/21888 http://www.osvdb.org/21889 http://www.osvdb.org/21890 http://www.osvdb.org/21891 http://www.osvdb.org/21892 http://www.securityfocus.com/bid/16055 http://www.vupen.com/english/advisories/2005/3074 https://exchange.xforce.ibmcloud.com/vulnerabilities/23852
Share on: