Lucene search

MitreCVE-2005-4571

HistoryDec 29, 2005 - 11:03 a.m.

CVE-2005-4571

2005-12-2911:03:00

mitre

web.nvd.nist.gov

cve-2005-4571

cross-site scripting

xss vulnerability

myezshop shopping cart

remote attackers

web script

html

keyword parameter

nvd

security vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

68.9%

JSON

Cross-site scripting (XSS) vulnerability in myEZshop Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the Keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

myezshopmyezshop_shopping_cart

VendorProductVersionCPE
myezshopmyezshop_shopping_cart*cpe:2.3:a:myezshop:myezshop_shopping_cart:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
myezshop	myezshop_shopping_cart	*	cpe:2.3:a:myezshop:myezshop_shopping_cart::::::::

References

secunia.com/advisories/18086

www.osvdb.org/21996

www.securityfocus.com/bid/15965

exchange.xforce.ibmcloud.com/vulnerabilities/23843

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

68.9%

JSON

Related for CVE-2005-4571