Vulnerabilities > CVE-2004-1797
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN exploit available
Summary
Cross-site scripting (XSS) vulnerability in search.php for FreznoShop 1.3.0 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 7 |
Exploit-Db
| description | FreznoShop 1.2.3/1.3 Search Script Cross-Site Scripting Vulnerability. CVE-2004-1797. Webapps exploit for php platform |
| id | EDB-ID:23519 |
| last seen | 2016-02-02 |
| modified | 2004-01-04 |
| published | 2004-01-04 |
| reporter | David S. Ferreira |
| source | https://www.exploit-db.com/download/23519/ |
| title | FreznoShop 1.2.3/1.3 - Search Script Cross-Site Scripting Vulnerability |
References
- http://secunia.com/advisories/10547
- http://secunia.com/advisories/10547
- http://securitytracker.com/id?1008606
- http://securitytracker.com/id?1008606
- http://www.freznoshop.com/changelog_en.htm
- http://www.freznoshop.com/changelog_en.htm
- http://www.osvdb.org/3335
- http://www.osvdb.org/3335
- http://www.securityfocus.com/bid/9359
- http://www.securityfocus.com/bid/9359
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14147
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14147