Vulnerabilities > CVE-2006-0532 - Cross-Site Scripting vulnerability in SoftMaker Shop

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
media2-cms
exploit available

Summary

Cross-site scripting (XSS) vulnerability in resultat.asp in SoftMaker Shop allows remote attackers to inject arbitrary web script or HTML via a strSok parameter containing a javascript: URI in an IMG SRC attribute.

Vulnerable Configurations

Part Description Count
Application
Media2_Cms
1

Exploit-Db

descriptionSoftMaker Shop 0 Multiple Cross-Site Scripting Vulnerabilities. CVE-2006-0532 . Webapps exploit for asp platform
idEDB-ID:27160
last seen2016-02-03
modified2006-02-02
published2006-02-02
reporter[email protected]
sourcehttps://www.exploit-db.com/download/27160/
titleSoftMaker Shop - Multiple Cross-Site Scripting Vulnerabilities