ID de Prueba:	1.3.6.1.4.1.25623.1.0.17227
Categoría:	Web application abuses
Título:	Brooky CubeCart index.php language XSS Vulnerability
Resumen:	CubeCart is vulnerable to cross-site scripting (XSS) and remote; script injection due to a lack of sanitization of user-supplied data.
Descripción:	Summary: CubeCart is vulnerable to cross-site scripting (XSS) and remote script injection due to a lack of sanitization of user-supplied data. Vulnerability Impact: Successful exploitation of this issue may allow an attacker to execute malicious script code on a vulnerable server. Solution: Update to version 2.0.5 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0442 BugTraq ID: 12549 http://www.securityfocus.com/bid/12549 Bugtraq: 20050214 [NOBYTES.COM: #2] CubeCart 2.0.4 - Multiple Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110842125901191&w=2 Bugtraq: 20050406 RE: [NOBYTES.COM: #6] CubeCart 2.0.6 - Information Disclosure (Google Search) http://marc.info/?l=bugtraq&m=111281888605580&w=2 http://secunia.com/advisories/14272 XForce ISS Database: cubecart-dotdot-directory-traversal(19322) https://exchange.xforce.ibmcloud.com/vulnerabilities/19322 Common Vulnerability Exposure (CVE) ID: CVE-2005-0443 http://www.osvdb.org/14064 XForce ISS Database: cubecart-index-xss(19328) https://exchange.xforce.ibmcloud.com/vulnerabilities/19328
Copyright	Copyright (C) 2005 David Maciejak

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.