Summary
The remote web server hosts a CGI that contains a cross-site scripting vulnerability.
Description
The remote host is running Cart32, a shopping cart application.
There is a bug in this software which makes it vulnerable to cross site scripting attacks.
An attacker may use this bug to steal the credentials of the legitimate users of this site.
Solution
Upgrade to the newest version of this software.
Severity
Classification
- CVE: CVE-2004-0675
- CVSS Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Related Vulnerabilities
- Adiscon LogAnalyzer 'highlight' Parameter Cross Site Scripting Vulnerability
- Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability
- Apache Solr Directory Traversal Vulnerability Jan-14
- 11in1 Cross Site Request Forgery and Local File Include Vulnerabilities
- Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability