Cross-site scripting (XSS) vulnerability in msg.asp for certain versions of ProductCart allow remote attackers to execute arbitrary web script via the message parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Productcart | Early_impact | 1.5 (including) | 1.5 (including) |
| Productcart | Early_impact | 1.6b (including) | 1.6b (including) |
| Productcart | Early_impact | 1.6b001 (including) | 1.6b001 (including) |
| Productcart | Early_impact | 1.6b002 (including) | 1.6b002 (including) |
| Productcart | Early_impact | 1.6b003 (including) | 1.6b003 (including) |
| Productcart | Early_impact | 1.6br (including) | 1.6br (including) |
| Productcart | Early_impact | 1.6br001 (including) | 1.6br001 (including) |
| Productcart | Early_impact | 1.6br003 (including) | 1.6br003 (including) |
| Productcart | Early_impact | 1.5002 (including) | 1.5002 (including) |
| Productcart | Early_impact | 1.5003 (including) | 1.5003 (including) |
| Productcart | Early_impact | 1.5003r (including) | 1.5003r (including) |
| Productcart | Early_impact | 1.5004 (including) | 1.5004 (including) |
| Productcart | Early_impact | 1.6002 (including) | 1.6002 (including) |
| Productcart | Early_impact | 1.6003 (including) | 1.6003 (including) |
| Productcart | Early_impact | 2 (including) | 2 (including) |
| Productcart | Early_impact | 2br000 (including) | 2br000 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=105761696706800\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=105761696706800\u0026w=2