CVE-2008-1550
CubeCart 4.2.1 has multiple XSS vulnerabilities in index.php exploitable via the _a parameter in a searchStr action and the Submit parameter, allowing remote attackers to inject arbitrary script/HTML. The NVD entry notes a Medium base score (CVSS v2: AV:N/AC:M/Au:N/C:N/I:P/A:N) with partial integ...