CVE-2005-4293

2005-12-1611:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.01

Percentile

83.6%

JSON

Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter.

References

pridels0.blogspot.com/2005/12/clickcartpro-ccp-xss-vuln.html

secunia.com/advisories/17927

www.attrition.org/pipermail/vim/2006-January/000510.html

www.clickcartpro.com/forum/index.php?showtopic=12172

www.osvdb.org/21716

www.securityfocus.com/bid/15896

www.vupen.com/english/advisories/2005/2914