Lucene search
MitreCVE-2006-3542HistoryJul 13, 2006 - 12:05 a.m.
CVE-2006-3542
2006-07-1300:05:00
mitre
web.nvd.nist.gov
22
cve-2006-3542
xss
garry glendown shopping cart 0.9
web security
nvd
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
AI Score
6
Confidence
High
EPSS
0.006
Percentile
78.8%
Multiple cross-site scripting (XSS) vulnerabilities in Garry Glendown Shopping Cart 0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) shop name field in (a) editshop.php, (b) edititem.php, and © index.php; and via the (2) item field in editshop.php and edititem.php.
Affected configurations
Node
boxcar_mediashopping_cartMatch0.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| boxcar_media | shopping_cart | 0.9 | cpe:2.3:a:boxcar_media:shopping_cart:0.9:*:*:*:*:*:*:* |
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
AI Score
6
Confidence
High
EPSS
0.006
Percentile
78.8%
Related for CVE-2006-3542