Vulnerabilities > CVE-2006-0116 - Cross-Site Scripting vulnerability in iNETstore Online Search

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

inetstore

NVD

Published: 2006-01-09

Updated: 2018-10-19

Summary

Cross-site scripting vulnerability search.inetstore in iNETstore Ebusiness Software 2.0 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter.

Vulnerable Configurations

Part	Description	Count
Application	Inetstore Inetstore Inetstore Online *	1

References

http://osvdb.org/ref/22/22251-inetstore.txt
http://secunia.com/advisories/18322
http://www.attrition.org/pipermail/vim/2006-January/000515.html
http://www.osvdb.org/22251
http://www.securityfocus.com/archive/1/423137/100/0/threaded
http://www.securityfocus.com/bid/16156
http://www.vupen.com/english/advisories/2006/0075