Vulnerability Details CVE-2015-0950
Cross-site scripting (XSS) vulnerability in admin.php in X-Cart 5.1.6 through 5.1.10 allows remote attackers to inject arbitrary web script or HTML via the substring parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.5%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2015-0950
-
cpe:2.3:a:qualiteam:x-cart:5.1.10
-
cpe:2.3:a:qualiteam:x-cart:5.1.6
-
cpe:2.3:a:qualiteam:x-cart:5.1.7
-
cpe:2.3:a:qualiteam:x-cart:5.1.8
-
cpe:2.3:a:qualiteam:x-cart:5.1.9