Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3542

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2006-3542
Last Modified 07 Mar 2011 09:38:52
Published 12 Jul 2006 08:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-3542

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Garry Glendown Shopping Cart 0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) shop name field in (a) editshop.php, (b) edititem.php, and (c) index.php; and via the (2) item field in editshop.php and edititem.php.

Vulnerable Systems

Application

  • Boxcar Media Shopping Cart 0.9


References

VUPEN - ADV-2006-2693

BID - 18841

BUGTRAQ - 20060705 Shopping Cart V0.9

SECUNIA - 20957

XF - shoppingcart-multiple-scripts-xss(27539)

OSVDB - 27025

OSVDB - 27024

SREASON - 1223


Last Updated: 27 May 2016 10:43:02