Vulnerability Details CVE-2006-3141
Cross-site scripting (XSS) vulnerability in details.cfm in Tradingeye Shop R4 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.2%
CVSS Severity
CVSS v2 Score 4.3
References
- http://pridels0.blogspot.com/2006/06/tradingeye-shop-r4-xss.html
- http://secunia.com/advisories/20736
- http://www.osvdb.org/26637
- http://www.securityfocus.com/bid/18526
- http://www.vupen.com/english/advisories/2006/2424
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27202
- http://pridels0.blogspot.com/2006/06/tradingeye-shop-r4-xss.html
- http://secunia.com/advisories/20736
- http://www.osvdb.org/26637
- http://www.securityfocus.com/bid/18526
- http://www.vupen.com/english/advisories/2006/2424
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27202
Products affected by CVE-2006-3141
-
cpe:2.3:a:dpivision:tradingeye_shop:*