4.3
CVE-2006-3030
- EPSS 1.28%
- Veröffentlicht 15.06.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:26:15
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in DwZone Shopping Cart 1.1.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ToCategory and (2) FromCategory parameters to (a) ProductDetailsForm.asp and (3) UserName and (4) Password parameters to (b) LogIn/VerifyUserLog.asp.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dwzone ≫ Dwzone Shopping Cart Version <= 1.1.9
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.28% | 0.661 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://pridels0.blogspot.com/2006/06/dwzone-shopping-cart-xss-vuln.html
http://secunia.com/advisories/20603
http://www.osvdb.org/26401
http://www.osvdb.org/26402
http://www.vupen.com/english/advisories/2006/2291
https://exchange.xforce.ibmcloud.com/vulnerabilities/27032