CVE-2007-0056

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) ashop/catalogue.php and (b) ashop/basket.php, the (2) exp parameter to ashop/catalogue.php, the (3) searchstring parameter to (c) ashop/search.php, the (4) checkout and (5) action parameters to (d) ashop/shipping.php, the cat parameter to (f) cart-path/admin/editcatalogue.php, and the (7) resultpage parameter to (g) cart-path/admin/salesadmin.php.

🔗 References (24)

cve@mitrehttp://osvdb.org/32553
cve@mitrehttp://osvdb.org/32554
cve@mitrehttp://osvdb.org/32555
cve@mitrehttp://osvdb.org/32556
cve@mitrehttp://osvdb.org/32557
cve@mitrehttp://osvdb.org/32558
cve@mitrehttp://secunia.com/advisories/23547
cve@mitrehttp://securityreason.com/securityalert/2091
cve@mitrehttp://www.securityfocus.com/archive/1/455629/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/21845
cve@mitrehttp://www.vupen.com/english/advisories/2007/0028
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/31178
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/32553
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/32554
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/32555

Is Your Infrastructure Affected by CVE-2007-0056?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-0056

📅 Published

🔄 Last Modified

🔗 References (24)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-0056?