Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.6
CVSSv2

CVE-2006-2165

Published: 04/05/2006 Updated: 20/07/2017
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
VMScore: 231
Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N
Subscribe to Pentasoft Corp.

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in Avactis Shopping Cart 0.1.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) category_id parameter in (a) store_special_offers.php and (b) store.php and (2) prod_id parameter in (c) product_info.php. NOTE: this issue might be resultant from SQL injection.

Vulnerable Product Search on Vulmon Subscribe to Product

pentasoft corp. avactis shopping cart

References

NVD-CWE-Otherhttp://www.osvdb.org/25641http://www.osvdb.org/25642http://www.osvdb.org/25643http://pridels0.blogspot.com/2006/05/avactis-shopping-cart-vuln.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/26179https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook