ObieWebsite Mini Web Shop 2 - 'Sendmail.php?PATH_INFO' Cross-Site Scripting
| EKU-ID: 35083 | CVE: CVE-2007-2532;OSVDB-36249 | OSVDB-ID: |
| Author: CorryL | Published: 2007-05-02 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 35083 | CVE: CVE-2007-2532;OSVDB-36249 | OSVDB-ID: |
| Author: CorryL | Published: 2007-05-02 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks. This issue affects Mini Web Shop 2; other versions may also be affected. http://remote-server/path/modules/sendmail.php/[xss]