CVE-2008-7057 Information

Description

Cross-site scripting (XSS) vulnerability in merchandise.php in BandSite CMS 1.1.4 allows remote attackers to inject arbitrary HTML or web script via the type parameter.

Reference

http://secunia.com/advisories/21992 http://www.securityfocus.com/bid/30788 https://exchange.xforce.ibmcloud.com/vulnerabilities/44590 https://www.exploit-db.com/exploits/6286