Back to search
CVE-2006-3613
Published: Jul 14, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in Chamberland Technology ezWaiter 3.0 Online and possibly Enterprise Software (aka enterprise edition) allow remote attackers to inject arbitrary web script or HTML via the (1) itemfor (aka "Who is this item for?") and (2) special (aka "Special Instructions") parameters to item.php, which is accessed from showorder.php, or (3) unspecified parameters to the login form at login.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ezwaiter-input-fields-xss(27587)
vdb-entry
x_refsource_XF
18746
vdb-entry
x_refsource_BID
20060630 ezWaiter v3.0 - XSS
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now