Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2004 Noam RathausOPENVAS:136141256231012290
HistoryNov 03, 2005 - 12:00 a.m.

Cart32 GetLatestBuilds XSS

2005-11-0300:00:00
Copyright (C) 2004 Noam Rathaus
plugins.openvas.org
39

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

High

EPSS

0.007

Percentile

80.4%

JSON

The remote host is using Cart32, a shopping cart software.

There is a bug in this software which makes it vulnerable to cross site
scripting attacks.

# SPDX-FileCopyrightText: 2004 Noam Rathaus
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.12290");
  script_version("2023-08-01T13:29:10+0000");
  script_tag(name:"last_modification", value:"2023-08-01 13:29:10 +0000 (Tue, 01 Aug 2023)");
  script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
  script_cve_id("CVE-2004-0675");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/10617");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_name("Cart32 GetLatestBuilds XSS");
  script_category(ACT_ATTACK);
  script_copyright("Copyright (C) 2004 Noam Rathaus");
  script_family("Web application abuses");
  script_dependencies("find_service.nasl", "no404.nasl", "webmirror.nasl", "DDI_Directory_Scanner.nasl", "cross_site_scripting.nasl", "os_detection.nasl", "global_settings.nasl");
  script_require_ports("Services/www", 80);
  script_mandatory_keys("Host/runs_windows");
  script_exclude_keys("Settings/disable_cgi_scanning");

  script_tag(name:"impact", value:"An attacker may use this bug to steal the credentials of the legitimate users
  of this site.");

  script_tag(name:"solution", value:"Upgrade to the newest version of this software");

  script_tag(name:"summary", value:"The remote host is using Cart32, a shopping cart software.

  There is a bug in this software which makes it vulnerable to cross site
  scripting attacks.");

  script_tag(name:"qod", value:"50"); # No extra check, prone to false positives and doesn't match existing qod_types
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("http_func.inc");
include("http_keepalive.inc");
include("port_service_func.inc");
include("list_array_func.inc");

port = http_get_port( default:80 );

host = http_host_name( dont_add_port:TRUE );
if( http_get_has_generic_xss( port:port, host:host ) ) exit( 0 );

foreach dir( make_list_unique( "/", http_cgi_dirs( port:port ) ) ) {

  if( dir == "/" ) dir = "";
  url = dir + "/cart32.exe/GetLatestBuilds?cart32=%3Cscript%3Efoo%3C/script%3E";

  if( http_vuln_check( port:port, url:url, pattern:"<script>foo</script>", check_header:TRUE ) ) {
    report = http_report_vuln_url( port:port, url:url );
    security_message( port:port, data:report );
    exit( 0 );
  }
}

exit( 0 );

Related

cvelist 1
exploitdb 1
nvd 1
cve 1
cvelist
cvelist
CVE-2004-0675
2004-07-13 04:00:00
exploitdb
exploitdb
McMurtrey/Whitaker &amp; Associates Cart32 2-5 GetLatestBuilds Script - Cross-Site Scripting
2004-06-28 00:00:00
nvd
nvd
CVE-2004-0675
2004-08-06 04:00:00
cve
cve
CVE-2004-0675
2004-08-06 04:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

High

EPSS

0.007

Percentile

80.4%

JSON
Related for OPENVAS:136141256231012290
cvelist1exploitdb1nvd1cve1