Vulnerabilities > CVE-2005-4285 - Cross-Site Scripting vulnerability in Dick Copits PDEstore

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
dick-copits
exploit available
NVD
Published: 2005-12-16
Updated: 2011-03-08

Summary

Cross-site scripting (XSS) vulnerability in pdestore.cgi in Dick Copits PDEstore 1.8 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the search module parameter or the (2) product and (3) cart_id parameters.

Vulnerable Configurations

Part Description Count
Application
Dick_Copits
1

Exploit-Db

descriptionDick Copits PDEstore 1.8 Multiple Cross-Site Scripting Vulnerabilities. CVE-2005-4285. Webapps exploit for cgi platform
idEDB-ID:26852
last seen2016-02-03
modified2005-12-15
published2005-12-15
reporterr0t3d3Vil
sourcehttps://www.exploit-db.com/download/26852/
titleDick Copits PDEstore 1.8 - Multiple Cross-Site Scripting Vulnerabilities

References