Multiple cross-site scripting (XSS) vulnerabilities in index.htm in Zwahlen Online Shop Freeware 5.2.2.50, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) Kat, (3) id, or (4) no parameters. NOTE: some of these details are obtained from third party information.
References
Link | Resource |
---|---|
http://attrition.org/pipermail/vim/2006-November/001106.html | |
http://secunia.com/advisories/22571 | Vendor Advisory |
http://www.osvdb.org/30016 | |
http://www.vupen.com/english/advisories/2006/4160 | Vendor Advisory |
Configurations
History
No history.
Information
Published : 2006-10-26 17:07
Updated : 2024-02-04 17:13
NVD link : CVE-2006-5534
Mitre link : CVE-2006-5534
CVE.ORG link : CVE-2006-5534
JSON object : View
Products Affected
zwahlen_informatik
- online_shop
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')