Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2003-0523

Published: Aug 18, 2003 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2003-0523
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in msg.asp for certain versions of ProductCart allow remote attackers to execute arbitrary web script via the message parameter.

Affected Software

Name Vendor Start Version End Version
Productcart Early_impact 1.5003r 1.5003r
Productcart Early_impact 1.6002 1.6002
Productcart Early_impact 1.6b001 1.6b001
Productcart Early_impact 1.6br001 1.6br001
Productcart Early_impact 1.6b003 1.6b003
Productcart Early_impact 1.5 1.5
Productcart Early_impact 1.5004 1.5004
Productcart Early_impact 1.5002 1.5002
Productcart Early_impact 2br000 2br000
Productcart Early_impact 1.5003 1.5003
Productcart Early_impact 1.6br 1.6br
Productcart Early_impact 1.6br003 1.6br003
Productcart Early_impact 1.6003 1.6003
Productcart Early_impact 1.6b 1.6b
Productcart Early_impact 2 2
Productcart Early_impact 1.6b002 1.6b002

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2023 Aqua Security Software Ltd.   Privacy Policy | Terms of Use