Vulnerability Details CVE-2008-6278
Multiple cross-site scripting (XSS) vulnerabilities in product.php in RakhiSoftware Price Comparison Script (aka Shopping Cart) allow remote attackers to inject arbitrary web script or HTML via the (1) category_id and (2) subcategory_id parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.8%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/50326
- http://packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txt
- http://secunia.com/advisories/32950
- http://www.securityfocus.com/bid/32563
- http://osvdb.org/50326
- http://packetstormsecurity.com/0811-exploits/rakhi-sqlxssfpd.txt
- http://secunia.com/advisories/32950
- http://www.securityfocus.com/bid/32563
Products affected by CVE-2008-6278
-
cpe:2.3:a:rakhisoftware:rakhisoftware_shopping_cart:-