cve/CVE-2005-0606.md at 7818c5651982aa78500b326433f643b6a96ab8c1

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Cross-site scripting (XSS) vulnerability in settings.inc.php for CubeCart 2.0.0 through 2.0.5, as used in multiple PHP files, allows remote attackers to inject arbitrary HTML or web script via the (1) cat_id, (2) PHPSESSID, (3) view_doc, (4) product, (5) session, (6) catname, (7) search, or (8) page parameters.

POC

Reference

http://lostmon.blogspot.com/2005/02/cubecart-20x-multiple-variable-xss.html

Github

No PoCs found on GitHub currently.

808 B Raw Blame History

CVE-2005-0606

Description

POC

Reference

Github

808 B

Raw Blame History