ID PINNACLE_CART_XSS.NASL Type nessus Reporter This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2019-11-02T00:00:00
Description
The remote host runs Pinnacle Cart, a shopping cart software written
in PHP.
The remote version of this software is vulnerable to cross-site
scripting attacks due to a lack of sanity checks on the
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if(description)
{
script_id(18038);
script_version("1.18");
script_cve_id("CVE-2005-1130");
script_bugtraq_id(13138);
script_name(english:"Pinnacle Cart index.php pg Parameter XSS");
script_set_attribute(attribute:"synopsis", value:
"The remote web application is vulnerable to cross-site scripting." );
script_set_attribute(attribute:"description", value:
"The remote host runs Pinnacle Cart, a shopping cart software written
in PHP.
The remote version of this software is vulnerable to cross-site
scripting attacks due to a lack of sanity checks on the 'pg' parameter
in the script 'index.php'." );
script_set_attribute(attribute:"solution", value:
"Upgrade to Pinnacle Cart 3.3 or newer." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);
script_set_attribute(attribute:"plugin_publication_date", value: "2005/04/13");
script_set_attribute(attribute:"vuln_publication_date", value: "2005/04/13");
script_cvs_date("Date: 2018/08/22 16:49:13");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();
script_summary(english:"Checks XSS in Pinnacle Cart");
script_category(ACT_ATTACK);
script_copyright(english:"This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"CGI abuses : XSS");
script_dependencie("cross_site_scripting.nasl");
script_require_ports("Services/www", 80);
exit(0);
}
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
port = get_http_port(default:80);
test_cgi_xss( port: port, cgi: "index.php",
qs: "p=catalog&parent=42&pg=<script>foo</script>",
pass_re: '<input type="hidden" name="backurl" value=".*/index\\.php?p=catalog&parent=42&pg=<script>foo</script>');
{"id": "PINNACLE_CART_XSS.NASL", "bulletinFamily": "scanner", "title": "Pinnacle Cart index.php pg Parameter XSS", "description": "The remote host runs Pinnacle Cart, a shopping cart software written\nin PHP.\n\nThe remote version of this software is vulnerable to cross-site\nscripting attacks due to a lack of sanity checks on the ", "published": "2005-04-13T00:00:00", "modified": "2019-11-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://www.tenable.com/plugins/nessus/18038", "reporter": "This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": [], "cvelist": ["CVE-2005-1130"], "type": "nessus", "lastseen": "2019-11-01T03:20:04", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2005-1130"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "description": "The remote host runs Pinnacle Cart, a shopping cart software written\nin PHP.\n\nThe remote version of this software is vulnerable to cross-site\nscripting attacks due to a lack of sanity checks on the ", "edition": 9, "enchantments": {"dependencies": {"modified": "2019-10-28T21:07:25", "references": [{"idList": ["EDB-ID:25394"], "type": "exploitdb"}, {"idList": ["CVE-2005-1130"], "type": "cve"}]}, "score": {"modified": "2019-10-28T21:07:25", "value": 5.2, "vector": "NONE"}}, "hash": "a4038db7d81d093f376b61b91dfde0fd2157e549e2ecc218edb023f724769a5f", "hashmap": [{"hash": "1547457dba2d1ad055446b22d0f95894", "key": "sourceData"}, {"hash": "8c2f5f957d2d9711d2fa5d20cfd511e8", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "3ce564a7ffce5f43501ac093b5b13386", "key": "reporter"}, {"hash": "b5c08a22a180058dc2c471f81ef25760", "key": "title"}, {"hash": "ed12fadd460e4e4dfae007dbd46398fa", "key": "cvelist"}, {"hash": "61e021375865ee20d8f9e2562510b86f", "key": "naslFamily"}, {"hash": "2b59f26550fa05812e711980bc87727a", "key": "published"}, {"hash": "89bc926958e4e5c9a626117097ae27ab", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0bafb6325bcaf483a25404f785191cc5", "key": "modified"}, {"hash": "8fbd35a9964f60dba0d91e2270db14ac", "key": "href"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/18038", "id": "PINNACLE_CART_XSS.NASL", "lastseen": "2019-10-28T21:07:25", "modified": "2019-10-02T00:00:00", "naslFamily": "CGI abuses : XSS", "objectVersion": "1.3", "pluginID": "18038", "published": "2005-04-13T00:00:00", "references": [], "reporter": "This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(18038);\n script_version(\"1.18\");\n script_cve_id(\"CVE-2005-1130\");\n script_bugtraq_id(13138);\n\n script_name(english:\"Pinnacle Cart index.php pg Parameter XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application is vulnerable to cross-site scripting.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host runs Pinnacle Cart, a shopping cart software written\nin PHP.\n\nThe remote version of this software is vulnerable to cross-site\nscripting attacks due to a lack of sanity checks on the 'pg' parameter\nin the script 'index.php'.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Pinnacle Cart 3.3 or newer.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/04/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/04/13\");\n script_cvs_date(\"Date: 2018/08/22 16:49:13\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_end_attributes();\n\n\n script_summary(english:\"Checks XSS in Pinnacle Cart\");\n script_category(ACT_ATTACK);\n \n script_copyright(english:\"This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CGI abuses : XSS\");\n script_dependencie(\"cross_site_scripting.nasl\"); \n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80);\n\ntest_cgi_xss( port: port, cgi: \"index.php\", \n qs: \"p=catalog&parent=42&pg=<script>foo</script>\",\n pass_re: '<input type=\"hidden\" name=\"backurl\" value=\".*/index\\\\.php?p=catalog&parent=42&pg=<script>foo</script>');\n", "title": "Pinnacle Cart index.php pg Parameter XSS", "type": "nessus", "viewCount": 4}, "differentElements": ["modified"], "edition": 9, "lastseen": "2019-10-28T21:07:25"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2005-1130"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "The remote host runs Pinnacle Cart, a shopping cart software written\nin PHP.\n\nThe remote version of this software is vulnerable to cross-site\nscripting attacks due to a lack of sanity checks on the 'pg' parameter\nin the script 'index.php'.", "edition": 7, "enchantments": {"dependencies": {"modified": "2019-01-16T20:06:04", "references": [{"idList": ["EDB-ID:25394"], "type": "exploitdb"}, {"idList": ["CVE-2005-1130"], "type": "cve"}]}, "score": {"value": 4.3, "vector": "NONE"}}, "hash": "5997bb387764eebcb13fc3b8c6f226a279925bd8aaaffb39d0d8d9e525d86e14", "hashmap": [{"hash": "1547457dba2d1ad055446b22d0f95894", "key": "sourceData"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "8c2f5f957d2d9711d2fa5d20cfd511e8", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b5c08a22a180058dc2c471f81ef25760", "key": "title"}, {"hash": "71bc5ce2c6c2082eec188cd6e47cddff", "key": "modified"}, {"hash": "ed12fadd460e4e4dfae007dbd46398fa", "key": "cvelist"}, {"hash": "61e021375865ee20d8f9e2562510b86f", "key": "naslFamily"}, {"hash": "2b59f26550fa05812e711980bc87727a", "key": "published"}, {"hash": "1a1671e21c91089f4d091d3e6c11475e", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "89a3678d81174bd77bb29d88dd1a5d16", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18038", "id": "PINNACLE_CART_XSS.NASL", "lastseen": "2019-01-16T20:06:04", "modified": "2018-08-22T00:00:00", "naslFamily": "CGI abuses : XSS", "objectVersion": "1.3", "pluginID": "18038", "published": "2005-04-13T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(18038);\n script_version(\"1.18\");\n script_cve_id(\"CVE-2005-1130\");\n script_bugtraq_id(13138);\n\n script_name(english:\"Pinnacle Cart index.php pg Parameter XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application is vulnerable to cross-site scripting.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host runs Pinnacle Cart, a shopping cart software written\nin PHP.\n\nThe remote version of this software is vulnerable to cross-site\nscripting attacks due to a lack of sanity checks on the 'pg' parameter\nin the script 'index.php'.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Pinnacle Cart 3.3 or newer.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/04/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/04/13\");\n script_cvs_date(\"Date: 2018/08/22 16:49:13\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_end_attributes();\n\n\n script_summary(english:\"Checks XSS in Pinnacle Cart\");\n script_category(ACT_ATTACK);\n \n script_copyright(english:\"This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CGI abuses : XSS\");\n script_dependencie(\"cross_site_scripting.nasl\"); \n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80);\n\ntest_cgi_xss( port: port, cgi: \"index.php\", \n qs: \"p=catalog&parent=42&pg=<script>foo</script>\",\n pass_re: '<input type=\"hidden\" name=\"backurl\" value=\".*/index\\\\.php?p=catalog&parent=42&pg=<script>foo</script>');\n", "title": "Pinnacle Cart index.php pg Parameter XSS", "type": "nessus", "viewCount": 2}, "differentElements": ["description"], "edition": 7, "lastseen": "2019-01-16T20:06:04"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2005-1130"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "The remote host runs Pinnacle Cart, a shopping cart software written in PHP.\n\nThe remote version of this software is vulnerable to cross-site scripting attacks due to a lack of sanity checks on the 'pg' parameter in the script 'index.php'.", "edition": 8, "enchantments": {"dependencies": {"modified": "2019-02-21T01:08:31", "references": [{"idList": ["EDB-ID:25394"], "type": "exploitdb"}, {"idList": ["CVE-2005-1130"], "type": "cve"}]}, "score": {"modified": "2019-02-21T01:08:31", "value": 5.0, "vector": "NONE"}}, "hash": "0be9e51e0c4bb5af2638254d1403ea461a47aa4213e4734bf454d0fa5a9fdd74", "hashmap": [{"hash": "1547457dba2d1ad055446b22d0f95894", "key": "sourceData"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "8c2f5f957d2d9711d2fa5d20cfd511e8", "key": "pluginID"}, {"hash": "61439f7cb68b5ba456392b69817edf40", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b5c08a22a180058dc2c471f81ef25760", "key": "title"}, {"hash": "71bc5ce2c6c2082eec188cd6e47cddff", "key": "modified"}, {"hash": "ed12fadd460e4e4dfae007dbd46398fa", "key": "cvelist"}, {"hash": "61e021375865ee20d8f9e2562510b86f", "key": "naslFamily"}, {"hash": "2b59f26550fa05812e711980bc87727a", "key": "published"}, {"hash": "1a1671e21c91089f4d091d3e6c11475e", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18038", "id": "PINNACLE_CART_XSS.NASL", "lastseen": "2019-02-21T01:08:31", "modified": "2018-08-22T00:00:00", "naslFamily": "CGI abuses : XSS", "objectVersion": "1.3", "pluginID": "18038", "published": "2005-04-13T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(18038);\n script_version(\"1.18\");\n script_cve_id(\"CVE-2005-1130\");\n script_bugtraq_id(13138);\n\n script_name(english:\"Pinnacle Cart index.php pg Parameter XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application is vulnerable to cross-site scripting.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host runs Pinnacle Cart, a shopping cart software written\nin PHP.\n\nThe remote version of this software is vulnerable to cross-site\nscripting attacks due to a lack of sanity checks on the 'pg' parameter\nin the script 'index.php'.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Pinnacle Cart 3.3 or newer.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/04/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/04/13\");\n script_cvs_date(\"Date: 2018/08/22 16:49:13\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_end_attributes();\n\n\n script_summary(english:\"Checks XSS in Pinnacle Cart\");\n script_category(ACT_ATTACK);\n \n script_copyright(english:\"This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CGI abuses : XSS\");\n script_dependencie(\"cross_site_scripting.nasl\"); \n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80);\n\ntest_cgi_xss( port: port, cgi: \"index.php\", \n qs: \"p=catalog&parent=42&pg=<script>foo</script>\",\n pass_re: '<input type=\"hidden\" name=\"backurl\" value=\".*/index\\\\.php?p=catalog&parent=42&pg=<script>foo</script>');\n", "title": "Pinnacle Cart index.php pg Parameter XSS", "type": "nessus", "viewCount": 4}, "differentElements": ["cvss", "description", "reporter", "modified", "href"], "edition": 8, "lastseen": "2019-02-21T01:08:31"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2005-1130"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "The remote host runs Pinnacle Cart, a shopping cart software written in PHP.\n\nThe remote version of this software is vulnerable to cross-site scripting attacks due to a lack of sanity checks on the 'pg' parameter in the script 'index.php'.", "edition": 1, "hash": "ee95e00174010c703d0be4f613a060f1ba03f8c79a91d86b89d3c504bb0fb692", "hashmap": [{"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "0738c9d9af76b2c39e747194bda333c8", "key": "sourceData"}, {"hash": "8c2f5f957d2d9711d2fa5d20cfd511e8", "key": "pluginID"}, {"hash": "61439f7cb68b5ba456392b69817edf40", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b5c08a22a180058dc2c471f81ef25760", "key": "title"}, {"hash": "ed12fadd460e4e4dfae007dbd46398fa", "key": "cvelist"}, {"hash": "0577dabef33b05ebbbd75b827fdef1de", "key": "modified"}, {"hash": "61e021375865ee20d8f9e2562510b86f", "key": "naslFamily"}, {"hash": "2b59f26550fa05812e711980bc87727a", "key": "published"}, {"hash": "1a1671e21c91089f4d091d3e6c11475e", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18038", "id": "PINNACLE_CART_XSS.NASL", "lastseen": "2016-09-26T17:25:34", "modified": "2015-01-14T00:00:00", "naslFamily": "CGI abuses : XSS", "objectVersion": "1.2", "pluginID": "18038", "published": "2005-04-13T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(18038);\n script_version(\"$Revision: 1.15 $\");\n script_cve_id(\"CVE-2005-1130\");\n script_bugtraq_id(13138);\n script_xref(name:\"OSVDB\", value:\"15485\");\n\n script_name(english:\"Pinnacle Cart index.php pg Parameter XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application is vulnerable to cross-site scripting.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host runs Pinnacle Cart, a shopping cart software written\nin PHP.\n\nThe remote version of this software is vulnerable to cross-site\nscripting attacks due to a lack of sanity checks on the 'pg' parameter\nin the script 'index.php'.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Pinnacle Cart 3.3 or newer.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/04/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/04/13\");\n script_cvs_date(\"$Date: 2015/01/14 20:12:25 $\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_end_attributes();\n\n\n script_summary(english:\"Checks XSS in Pinnacle Cart\");\n script_category(ACT_ATTACK);\n \n script_copyright(english:\"This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.\");\n script_family(english:\"CGI abuses : XSS\");\n script_dependencie(\"cross_site_scripting.nasl\"); \n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80);\n\ntest_cgi_xss( port: port, cgi: \"index.php\", \n qs: \"p=catalog&parent=42&pg=<script>foo</script>\",\n pass_re: '<input type=\"hidden\" name=\"backurl\" value=\".*/index\\\\.php?p=catalog&parent=42&pg=<script>foo</script>');\n", "title": "Pinnacle Cart index.php pg Parameter XSS", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:25:34"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2005-1130"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "The remote host runs Pinnacle Cart, a shopping cart software written in PHP.\n\nThe remote version of this software is vulnerable to cross-site scripting attacks due to a lack of sanity checks on the 'pg' parameter in the script 'index.php'.", "edition": 2, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "b92d1bb5c1dcdcace78f22ae09579dd5694e86a0b23745529704f2ee22a84a63", "hashmap": [{"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "8c2f5f957d2d9711d2fa5d20cfd511e8", "key": "pluginID"}, {"hash": "75bb86481dbe5c4cc3ab0712172027c2", "key": "modified"}, {"hash": "61439f7cb68b5ba456392b69817edf40", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "1a86da2ce80e85086b2d6ee5f306d33e", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b5c08a22a180058dc2c471f81ef25760", "key": "title"}, {"hash": "ed12fadd460e4e4dfae007dbd46398fa", "key": "cvelist"}, {"hash": "61e021375865ee20d8f9e2562510b86f", "key": "naslFamily"}, {"hash": "2b59f26550fa05812e711980bc87727a", "key": "published"}, {"hash": "1a1671e21c91089f4d091d3e6c11475e", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18038", "id": "PINNACLE_CART_XSS.NASL", "lastseen": "2017-02-24T01:03:14", "modified": "2017-02-23T00:00:00", "naslFamily": "CGI abuses : XSS", "objectVersion": "1.2", "pluginID": "18038", "published": "2005-04-13T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(18038);\n script_version(\"$Revision: 1.16 $\");\n script_cve_id(\"CVE-2005-1130\");\n script_bugtraq_id(13138);\n script_xref(name:\"OSVDB\", value:\"15485\");\n\n script_name(english:\"Pinnacle Cart index.php pg Parameter XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application is vulnerable to cross-site scripting.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host runs Pinnacle Cart, a shopping cart software written\nin PHP.\n\nThe remote version of this software is vulnerable to cross-site\nscripting attacks due to a lack of sanity checks on the 'pg' parameter\nin the script 'index.php'.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Pinnacle Cart 3.3 or newer.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/04/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/04/13\");\n script_cvs_date(\"$Date: 2017/02/23 16:41:18 $\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_end_attributes();\n\n\n script_summary(english:\"Checks XSS in Pinnacle Cart\");\n script_category(ACT_ATTACK);\n \n script_copyright(english:\"This script is Copyright (C) 2005-2017 Tenable Network Security, Inc.\");\n script_family(english:\"CGI abuses : XSS\");\n script_dependencie(\"cross_site_scripting.nasl\"); \n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80);\n\ntest_cgi_xss( port: port, cgi: \"index.php\", \n qs: \"p=catalog&parent=42&pg=<script>foo</script>\",\n pass_re: '<input type=\"hidden\" name=\"backurl\" value=\".*/index\\\\.php?p=catalog&parent=42&pg=<script>foo</script>');\n", "title": "Pinnacle Cart index.php pg Parameter XSS", "type": "nessus", "viewCount": 2}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-02-24T01:03:14"}], "edition": 10, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "ed12fadd460e4e4dfae007dbd46398fa"}, {"key": "cvss", "hash": "f74a1c24e49a5ecb0eefb5e51d4caa14"}, {"key": "description", "hash": "89bc926958e4e5c9a626117097ae27ab"}, {"key": "href", "hash": "8fbd35a9964f60dba0d91e2270db14ac"}, {"key": "modified", "hash": "abcf9266f425f12dda38f529cd4a94bc"}, {"key": "naslFamily", "hash": "61e021375865ee20d8f9e2562510b86f"}, {"key": "pluginID", "hash": "8c2f5f957d2d9711d2fa5d20cfd511e8"}, {"key": "published", "hash": "2b59f26550fa05812e711980bc87727a"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "3ce564a7ffce5f43501ac093b5b13386"}, {"key": "sourceData", "hash": "1547457dba2d1ad055446b22d0f95894"}, {"key": "title", "hash": "b5c08a22a180058dc2c471f81ef25760"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "3c4f87af9ac4d0cb31f2460e893b65fac66b697ed033403455d4446a4bb87019", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-1130"]}, {"type": "exploitdb", "idList": ["EDB-ID:25394"]}], "modified": "2019-11-01T03:20:04"}, "score": {"value": 5.2, "vector": "NONE", "modified": "2019-11-01T03:20:04"}, "vulnersScore": 5.2}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(18038);\n script_version(\"1.18\");\n script_cve_id(\"CVE-2005-1130\");\n script_bugtraq_id(13138);\n\n script_name(english:\"Pinnacle Cart index.php pg Parameter XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application is vulnerable to cross-site scripting.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host runs Pinnacle Cart, a shopping cart software written\nin PHP.\n\nThe remote version of this software is vulnerable to cross-site\nscripting attacks due to a lack of sanity checks on the 'pg' parameter\nin the script 'index.php'.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Pinnacle Cart 3.3 or newer.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/04/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/04/13\");\n script_cvs_date(\"Date: 2018/08/22 16:49:13\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_end_attributes();\n\n\n script_summary(english:\"Checks XSS in Pinnacle Cart\");\n script_category(ACT_ATTACK);\n \n script_copyright(english:\"This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CGI abuses : XSS\");\n script_dependencie(\"cross_site_scripting.nasl\"); \n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80);\n\ntest_cgi_xss( port: port, cgi: \"index.php\", \n qs: \"p=catalog&parent=42&pg=<script>foo</script>\",\n pass_re: '<input type=\"hidden\" name=\"backurl\" value=\".*/index\\\\.php?p=catalog&parent=42&pg=<script>foo</script>');\n", "naslFamily": "CGI abuses : XSS", "pluginID": "18038", "cpe": [], "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:08:13", "bulletinFamily": "NVD", "description": "Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart allows remote attackers to inject arbitrary web script or HTML via the pg parameter.", "modified": "2017-07-11T01:32:00", "id": "CVE-2005-1130", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1130", "published": "2005-04-12T04:00:00", "title": "CVE-2005-1130", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "exploitdb": [{"lastseen": "2016-02-03T01:16:29", "bulletinFamily": "exploit", "description": "Pinnacle Cart Index.PHP Cross-Site Scripting Vulnerability. CVE-2005-1130. Webapps exploit for php platform", "modified": "2005-04-12T00:00:00", "published": "2005-04-12T00:00:00", "id": "EDB-ID:25394", "href": "https://www.exploit-db.com/exploits/25394/", "type": "exploitdb", "title": "Pinnacle Cart Index.PHP Cross-Site Scripting Vulnerability", "sourceData": "source: http://www.securityfocus.com/bid/13138/info\r\n\r\nPinnacle Cart is affected by a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.\r\n\r\nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.\r\n\r\nhttp://www.example.com/index.php?p=catalog&parent=12&pg=\"><script>alert(document.domain);</script> ", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/25394/"}]}
