Search...

CVE-2005-4314

2005-12-16T19:03:00

ID CVE-2005-4314
Type cve
Reporter NVD
Modified 2011-03-07T21:27:59

Description

Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters.

JSON Vulners Source

Initial Source

{"href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4314", "history": [], "references": ["http://pridels0.blogspot.com/2005/12/ppcal-shopping-cart-xss.html", "http://www.vupen.com/english/advisories/2005/2918", "http://www.securityfocus.com/bid/15892"], "lastseen": "2016-09-03T06:09:30", "bulletinFamily": "NVD", "title": "CVE-2005-4314", "cpe": ["cpe:/a:ppcal_shopping_cart:ppcal_shopping_cart:3.3.0"], "viewCount": 0, "id": "CVE-2005-4314", "hash": "71c24a817604c25debcfba29cea7df5aa99150ad3b5a3b05b6581542883ec09f", "description": "Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters.", "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "cvelist": ["CVE-2005-4314"], "scanner": [], "modified": "2011-03-07T21:27:59", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "objectVersion": "1.2", "reporter": "NVD", "type": "cve", "published": "2005-12-16T19:03:00", "enchantments": {"vulnersScore": 4.7}}

{"result": {"exploitdb": [{"id": "EDB-ID:26850", "type": "exploitdb", "title": "PPCal Shopping Cart 3.3 - Cross-Site Scripting Vulnerability", "description": "PPCal Shopping Cart 3.3 Cross-Site Scripting Vulnerability. CVE-2005-4314. Webapps exploit for cgi platform", "published": "2005-12-15T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/26850/", "cvelist": ["CVE-2005-4314"], "lastseen": "2016-02-03T04:31:42"}], "osvdb": [{"id": "OSVDB:21713", "type": "osvdb", "title": "PPCal Shopping Cart ppcal.cgi Multiple Variable XSS", "description": "## Manual Testing Notes\n/ppcal.cgi?action=shop&user=8001&start=21&stop=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E\n\n/ppcal.cgi?action=shop&user=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E\n## References:\nVendor URL: http://www.paypalshoppingcart.org/\n[Secunia Advisory ID:18032](https://secuniaresearch.flexerasoftware.com/advisories/18032/)\nOther Advisory URL: http://pridels.blogspot.com/2005/12/ppcal-shopping-cart-xss.html\nFrSIRT Advisory: ADV-2005-2918\n[CVE-2005-4314](https://vulners.com/cve/CVE-2005-4314)\nBugtraq ID: 15892\n", "published": "2005-12-15T15:18:02", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://vulners.com/osvdb/OSVDB:21713", "cvelist": ["CVE-2005-4314"], "lastseen": "2017-04-28T13:20:18"}]}}