Vulnerabilities > CVE-2005-4289 - Cross-Site Scripting vulnerability in Edatcat Shopping Cart System 0.3

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

edatcat

exploit available

NVD

Published: 2005-12-16

Updated: 2008-09-20

Summary

Cross-site scripting (XSS) vulnerability in EDCstore.pl in eDatCat 0.3 allows remote attackers to inject arbitrary web script or HTML via the user_action parameter.

Vulnerable Configurations

Part	Description	Count
Application	Edatcat Edatcat Edatcat Shopping Cart System 0.3	1

Exploit-Db

description	eDatCat 3.0 EDCstore.PL Cross-Site Scripting Vulnerability. CVE-2005-4289. Webapps exploit for cgi platform
id	EDB-ID:26847
last seen	2016-02-03
modified	2005-12-15
published	2005-12-15
reporter	r0t3d3Vil
source	https://www.exploit-db.com/download/26847/
title	eDatCat 3.0 EDCstore.PL Cross-Site Scripting Vulnerability

References

http://pridels0.blogspot.com/2005/12/edatcat-xss-vuln.html
http://www.securityfocus.com/bid/15889