CVE-2009-4425
CVE-2009-4425 affects iDevCart 1.09, via a cross-site scripting (XSS) flaw in index.php where the SEARCH parameter in a browse action can inject arbitrary script/HTML. Root cause is improper handling/encoding of user-supplied SEARCH input. Impact stated: attacker could execute script in victim’s ...