ID CVE-2005-1004
Summary Cross-site scripting (XSS) vulnerability in usrdetails.php in ProfitCode PayProCart 3.0 allows remote attackers to inject arbitrary web script or HTML via the sgnuptype parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:profitcode:payprocart:3.0
    cpe:2.3:a:profitcode:payprocart:3.0
CVSS
Base: 4.3 (as of 14-06-2005 - 08:52)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
exploit-db via4
description ProfitCode Software PayProCart 3.0 Usrdetails.PHP Cross-Site Scripting Vulnerability. CVE-2005-1004. Webapps exploit for php platform
id EDB-ID:25337
last seen 2016-02-03
modified 2005-04-05
published 2005-04-05
reporter Diabolic Crab
source https://www.exploit-db.com/download/25337/
title ProfitCode Software PayProCart 3.0 Usrdetails.PHP Cross-Site Scripting Vulnerability
nessus via4
NASL family CGI abuses : XSS
NASL id PAYPROCART_XSS.NASL
description The remote host is running PayProCart, a shopping cart software program written in PHP. The remote version of this software contains an input validation flaw in the file 'usrdetails.php' that could allow an attacker to use the remote host to perform a cross-site scripting attack.
last seen 2019-02-21
modified 2018-07-24
plugin id 17996
published 2005-04-07
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=17996
title ProfitCode PayProCart usrdetails.php sgnuptype Parameter XSS
refmap via4
bugtraq 20050404 Authenticaion bypass, Directory transversal and XSS
sectrack 1013640
secunia 14832
xf Payprocart-usrdetails-xss(19955)
Last major update 17-10-2016 - 23:16
Published 02-05-2005 - 00:00
Last modified 10-07-2017 - 21:32
Back to Top