Multiple Cross-Site Scripting (XSS) Vulnerabilities in e-Quick Cart

Multiple Cross-Site Scripting (XSS) Vulnerabilities in e-Quick Cart

CVE-2005-3736 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in e-Quick Cart allow remote attackers to inject arbitrary web script or HTML via the (1) strgifttoname parameter in shopgift.asp, (2) strfirstname parameter in shopmaillist.asp, (3) strpid parameter in shopprojectlogin.asp, and (4) Custname parameter in shoptellafriend.asp.

Learn more about our Web App Pen Testing.