Vulnerabilities > CVE-2004-0675 - Cross-Site Scripting vulnerability in McMurtrey/Whitaker & Associates Cart32 GetLatestBuilds Script
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Cross-site scripting (XSS) vulnerability in (1) cart32.exe or (2) c32web.exe in Cart32 shopping cart allows remote attackers to execute arbitrary web script via the cart32 parameter to a GetLatestBuilds command.
Vulnerable Configurations
Exploit-Db
description | McMurtrey/Whitaker & Associates Cart32 2-5 GetLatestBuilds Script Cross-Site Scripting Vulnerability. CVE-2004-0675 . Webapps exploit for cgi platform |
id | EDB-ID:24236 |
last seen | 2016-02-02 |
modified | 2004-06-28 |
published | 2004-06-28 |
reporter | Dr.Ponidi Haryanto |
source | https://www.exploit-db.com/download/24236/ |
title | McMurtrey/Whitaker & Associates Cart32 2-5 GetLatestBuilds Script Cross-Site Scripting Vulnerability |