CVE-2005-0443
CubeCart 2.0.4 is affected by a remote XSS and path disclosure vulnerability in index.php triggered by an invalid language parameter that is echoed in a PHP error message. The OpenVAS entry and NVD/CVE records corroborate a language-based XSS/vector that can reveal the install path; CVSS v2 base ...