CVE-2006-4967

2006-09-24T21:07:00
ID CVE-2006-4967
Type cve
Reporter NVD
Modified 2011-03-07T21:42:20

Description

Multiple cross-site scripting (XSS) vulnerabilities in NextAge Cart allow remote attackers to inject arbitrary web script or HTML via (1) the CatId parameter in a product category action in index.php or (2) the SearchWd parameter in an index search action in index.php.