Vulnerabilities > CVE-2006-5958 - Cross-Site Scripting vulnerability in infinicart
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple cross-site scripting (XSS) vulnerabilities in INFINICART allow remote attackers to inject arbitrary web script or HTML via the (1) username and (2) password fields in (a) login.asp, (3) search field in (b) search.asp, and (4) email field in (c) sendpassword.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description INFINICART search.asp search Parameter XSS. CVE-2006-5958. Webapps exploit for asp platform id EDB-ID:28989 last seen 2016-02-03 modified 2006-11-13 published 2006-11-13 reporter laurent gaffie source https://www.exploit-db.com/download/28989/ title INFINICART search.asp search Parameter XSS description INFINICART login.asp Multiple Parameter XSS. CVE-2006-5958. Webapps exploit for asp platform id EDB-ID:28991 last seen 2016-02-03 modified 2006-11-13 published 2006-11-13 reporter laurent gaffie source https://www.exploit-db.com/download/28991/ title INFINICART login.asp Multiple Parameter XSS description INFINICART sendpassword.asp email Parameter XSS. CVE-2006-5958. Webapps exploit for asp platform id EDB-ID:28990 last seen 2016-02-03 modified 2006-11-13 published 2006-11-13 reporter laurent gaffie source https://www.exploit-db.com/download/28990/ title INFINICART sendpassword.asp email Parameter XSS