Published: 02/05/2005 Updated: 14/02/2024

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 590

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote malicious users to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in owProductDetail.asp.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oneworldstore oneworldstore

source: wwwsecurityfocuscom/bid/13185/info OneWorldStore is prone to a cross-site scripting vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user This may facilitate the t ...

source: wwwsecurityfocuscom/bid/13184/info OneWorldStore is prone to a cross-site scripting vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user This may facilitate the t ...

NVD-CWE-Other http://www.securityfocus.com/bid/13184 http://www.securityfocus.com/bid/13185 http://www.securityfocus.com/bid/13186 http://www.osvdb.org/15521 http://www.osvdb.org/15522 http://www.osvdb.org/15523 http://securitytracker.com/id?1013720 http://secunia.com/advisories/14969 http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab http://marc.info/?l=bugtraq&m=111352017704126&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/20096 https://nvd.nist.gov https://www.exploit-db.com/exploits/25428/

CVE-2005-1162

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect