CVE-2008-6297

2009-02-2616:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.0%

JSON

Cross-site scripting (XSS) vulnerability in order.php in DHCart allows remote attackers to inject arbitrary web script or HTML via the (1) domain and (2) d1 parameters.

References

lostmon.blogspot.com/2008/11/dhcart-multiple-variable-xss-and-stored.html

secunia.com/advisories/32555

www.securityfocus.com/bid/32117

exchange.xforce.ibmcloud.com/vulnerabilities/46339