CVE-2006-2669

2006-05-3021:00:00

mitre

www.cve.org

AI Score

5.8

Confidence

High

EPSS

0.006

Percentile

79.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Pre Shopping Mall 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter in search.php (the “search box”), (2) the prodid parameter in detail.php, and the (3) cid parameter in products.php.

References

secunia.com/advisories/20295

securityreason.com/securityalert/990

www.osvdb.org/26080

www.osvdb.org/26081

www.osvdb.org/26082

www.securityfocus.com/archive/1/435018/100/0/threaded

www.securityfocus.com/bid/18706

www.vupen.com/english/advisories/2006/1991

exchange.xforce.ibmcloud.com/vulnerabilities/26690