CVE-2006-0245
CVE-2006-0245: CubeCart 3.0.7-pl1 is vulnerable to multiple cross-site scripting (XSS) flaws. Remote attackers can inject arbitrary script/HTML via index.php parameters (redir, productId, docId, act, catId) and the username field in a login action; the cart.php/redir and index.php/searchStr vecto...