CVE-2005-1162

2005-04-1804:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote attackers to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in owProductDetail.asp.

References

marc.info/?l=bugtraq&m=111352017704126&w=2

secunia.com/advisories/14969

securitytracker.com/id?1013720

www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab

www.osvdb.org/15521

www.osvdb.org/15522

www.osvdb.org/15523

www.securityfocus.com/bid/13184

www.securityfocus.com/bid/13185

www.securityfocus.com/bid/13186

exchange.xforce.ibmcloud.com/vulnerabilities/20096