Vulnerabilities > CVE-2005-1162 - Unspecified vulnerability in Oneworldstore
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN oneworldstore
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote attackers to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in owProductDetail.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description OneWorldStore OWContactUs.ASP Cross-Site Scripting Vulnerability. CVE-2005-1162. Webapps exploit for asp platform id EDB-ID:25427 last seen 2016-02-03 modified 2005-04-14 published 2005-04-14 reporter Dcrab source https://www.exploit-db.com/download/25427/ title OneWorldStore OWContactUs.ASP Cross-Site Scripting Vulnerability description OneWorldStore OWListProduct.ASP Cross-Site Scripting Vulnerability. CVE-2005-1162. Webapps exploit for asp platform id EDB-ID:25428 last seen 2016-02-03 modified 2005-04-14 published 2005-04-14 reporter Dcrab source https://www.exploit-db.com/download/25428/ title OneWorldStore OWListProduct.ASP Cross-Site Scripting Vulnerability
References
- http://www.securityfocus.com/bid/13184
- http://www.securityfocus.com/bid/13185
- http://www.securityfocus.com/bid/13186
- http://www.osvdb.org/15521
- http://www.osvdb.org/15522
- http://www.osvdb.org/15523
- http://securitytracker.com/id?1013720
- http://secunia.com/advisories/14969
- http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab
- http://marc.info/?l=bugtraq&m=111352017704126&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20096