Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in CubeCart 4.2.1 allow remote attackers to inject arbitrary web script or HTML via (1) the _a parameter in a searchStr action and the (2) Submit parameter.

Remediation

References

CVE-2008-1550

Related Vulnerabilities

Oracle Database Server CVE-2008-2591 Vulnerability (CVE-2008-2591)

WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.4.17)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-13258)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4421)

WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.15)

Severity

Medium

Classification

CVE-2008-1550 CWE-707

Tags

Missing Update Known Vulnerabilities