Vulnerabilities > CVE-2005-4291 - Cross-Site Scripting vulnerability in ECTOOLS Onlineshop
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in cart.cgi in ECTOOLS Onlineshop 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) product, (2) category, and (3) uid parameters.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | ECTOOLS Onlineshop 1.0 Cross-Site Scripting Vulnerability. CVE-2005-4291. Webapps exploit for cgi platform |
| id | EDB-ID:26849 |
| last seen | 2016-02-03 |
| modified | 2005-12-15 |
| published | 2005-12-15 |
| reporter | r0t3d3Vil |
| source | https://www.exploit-db.com/download/26849/ |
| title | ECTOOLS Onlineshop 1.0 - Cross-Site Scripting Vulnerability |