CVE-2007-3448

2007-06-2700:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Cross-site scripting (XSS) vulnerability in index.php in BugMall Shopping Cart 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the msgs parameter. NOTE: 4.0.2 and other versions might also be affected.

References

osvdb.org/38205

secunia.com/advisories/25836

www.h4cky0u.org/viewtopic.php?t=26834

www.securityfocus.com/bid/24629

www.vupen.com/english/advisories/2007/2322

exchange.xforce.ibmcloud.com/vulnerabilities/35037

www.exploit-db.com/exploits/4103