CVE-2009-4856 Information

Description

Cross-site scripting (XSS) vulnerability in subitems.php in PHP Easy Shopping Cart 3.1R allows remote attackers to inject arbitrary web script or HTML via the name parameter.

Reference

http://osvdb.org/56835 http://packetstormsecurity.org/0908-exploits/pesc-xss.txt http://secunia.com/advisories/36168 https://exchange.xforce.ibmcloud.com/vulnerabilities/52324