CVE-2006-3542 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in Garry Glendown Shopping Cart 0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) shop name field in (a) editshop.php (b) edititem.php and (c) index.php; and via the (2) item field in editshop.php and edititem.php.

Reference

http://secunia.com/advisories/20957 http://securityreason.com/securityalert/1223 http://www.osvdb.org/27024 http://www.osvdb.org/27025 http://www.securityfocus.com/archive/1/439150/100/0/threaded http://www.securityfocus.com/bid/18841 http://www.vupen.com/english/advisories/2006/2693 https://exchange.xforce.ibmcloud.com/vulnerabilities/27539

Share on: