Vulnerabilities > CVE-2007-2547 - Input Validation vulnerability in Turnkey web Tools Sunshop Shopping Cart 4.0

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
turnkey-web-tools
exploit available

Summary

Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to inject arbitrary web script or HTML via the l parameter.

Vulnerable Configurations

Part Description Count
Application
Turnkey_Web_Tools
1

Exploit-Db

descriptionTurnkeyWebTools SunShop Shopping Cart 4.0 index.php l Parameter XSS. CVE-2007-2547. Webapps exploit for php platform
idEDB-ID:29961
last seen2016-02-03
modified2007-05-07
published2007-05-07
reporterJohn Martinelli
sourcehttps://www.exploit-db.com/download/29961/
titleTurnkeyWebTools SunShop Shopping Cart 4.0 index.php l Parameter XSS