Cross site scripting

2009-02-2418:30:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.6%

JSON

Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the srkeys parameter.

CPENameOperatorVersion
q-shople3.0

CPE	Name	Operator	Version
	q-shop	le	3.0

References

secunia.com/advisories/32742

www.securityfocus.com/bid/32329

exchange.xforce.ibmcloud.com/vulnerabilities/46650

www.exploit-db.com/exploits/7141