QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2005-0995

Back to search

CVE-2005-0995

Published: Apr 7, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in ProductCart 2.7 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter to advSearch_h.asp, (2) the redirectUrl parameter to NewCust.asp, (3) the country parameter to storelocator_submit.asp, or (4) the error parameter to techErr.asp. NOTE: it has been reported that storelocator_submit.asp does not exist in ProductCart.

VendorProductVersions

n/a

n/a

affected
n/a

References

15264
vdb-entry
x_refsource_OSVDB
15267
vdb-entry
x_refsource_OSVDB
14833
third-party-advisory
x_refsource_SECUNIA
12990
vdb-entry
x_refsource_BID
15268
vdb-entry
x_refsource_OSVDB
15266
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2005-0995 - Security Vulnerability | QwikSec