Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5104

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-5104
Last Modified 24 Aug 2012 12:00:00
Published 23 Aug 2012 04:55:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-5104

Summary

Cross-site scripting (XSS) vulnerability in wpsc-admin/display-sales-logs.php in WP e-Commerce plugin 3.8.7.1 and possibly earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the custom_text parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Getshopped Wp E-commerce 3.6.10

  • Getshopped Wp E-commerce 3.6.11

  • Getshopped Wp E-commerce 3.6.12

  • Getshopped Wp E-commerce 3.6.13

  • Getshopped Wp E-commerce 3.6.5

  • Getshopped Wp E-commerce 3.6.6

  • Getshopped Wp E-commerce 3.6.7

  • Getshopped Wp E-commerce 3.6.8

  • Getshopped Wp E-commerce 3.6.9

  • Getshopped Wp E-commerce 3.7

  • Getshopped Wp E-commerce 3.7.1

  • Getshopped Wp E-commerce 3.7.2

  • Getshopped Wp E-commerce 3.7.3

  • Getshopped Wp E-commerce 3.7.4

  • Getshopped Wp E-commerce 3.7.5

  • Getshopped Wp E-commerce 3.7.5.1

  • Getshopped Wp E-commerce 3.7.5.2

  • Getshopped Wp E-commerce 3.7.5.3

  • Getshopped Wp E-commerce 3.7.6

  • Getshopped Wp E-commerce 3.7.6.1

  • Getshopped Wp E-commerce 3.7.6.2

  • Getshopped Wp E-commerce 3.7.6.3

  • Getshopped Wp E-commerce 3.7.6.4

  • Getshopped Wp E-commerce 3.7.6.5

  • Getshopped Wp E-commerce 3.7.6.6

  • Getshopped Wp E-commerce 3.7.6.7

  • Getshopped Wp E-commerce 3.7.6.9

  • Getshopped Wp E-commerce 3.7.7

  • Getshopped Wp E-commerce 3.7.8

  • Getshopped Wp E-commerce 3.7.8.1

  • Getshopped Wp E-commerce 3.7.8.2

  • Getshopped Wp E-commerce 3.7.8.3

  • Getshopped Wp E-commerce 3.8

  • Getshopped Wp E-commerce 3.8.1

  • Getshopped Wp E-commerce 3.8.2

  • Getshopped Wp E-commerce 3.8.3

  • Getshopped Wp E-commerce 3.8.4

  • Getshopped Wp E-commerce 3.8.5

  • Getshopped Wp E-commerce 3.8.6

  • Getshopped Wp E-commerce 3.8.6.1

  • Getshopped Wp E-commerce 3.8.7

  • Getshopped Wp E-commerce 3.8.7.1


References

XF - wpecommerce-index-xss(71443)

BID - 50757

MISC - http://wordpress.org/extend/plugins/wp-e-commerce/changelog/

SECUNIA - 46957

MISC - http://plugins.trac.wordpress.org/changeset?reponame=&new=463447%40wp-e-commerce&old=463446%40wp-e-commerce

OSVDB - 77249


Last Updated: 27 May 2016 11:00:18