Vulnerabilities > CVE-2005-2386 - Cross-Site Scripting vulnerability in Elemental Software Cartwiz 1.10/1.20

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
elemental-software
exploit available

Summary

Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ 1.20 allows remote attackers to inject arbitrary web script or HTML via the message parameter.

Vulnerable Configurations

Part Description Count
Application
Elemental_Software
2

Exploit-Db

descriptionCartWIZ 1.10/1.20 ViewCart.ASP Cross Site Scripting Vulnerability. CVE-2005-2386 . Webapps exploit for asp platform
idEDB-ID:26033
last seen2016-02-03
modified2005-07-26
published2005-07-26
reporterZinho
sourcehttps://www.exploit-db.com/download/26033/
titleCartWIZ 1.10/1.20 ViewCart.ASP Cross-Site Scripting Vulnerability