CVE-2006-3156
CVE-2006-3156 describes a cross-site scripting (XSS) vulnerability in the web application, specifically in the file index.cgi of Ultimate eShop 1.0 and earlier. The issue is exploitable via the subid parameter and allows remote attackers to inject arbitrary web script or HTML. The available metad...