CVE-2008-7057

2009-08-2419:00:00

mitre

www.cve.org

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

60.3%

JSON

Cross-site scripting (XSS) vulnerability in merchandise.php in BandSite CMS 1.1.4 allows remote attackers to inject arbitrary HTML or web script via the type parameter.

References

secunia.com/advisories/21992

www.securityfocus.com/bid/30788

exchange.xforce.ibmcloud.com/vulnerabilities/44590

www.exploit-db.com/exploits/6286