Description
Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by ppp-design · textwebappsphp
https://www.exploit-db.com/exploits/21377
References (3)
Core 3
Core References
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4506
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8840.php
Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-04/0154.html
Scores
EPSS
0.0713
EPSS Percentile
91.6%
Details
Status
published
Products (6)
turnkey_solutions/sunshop_shopping_cart
1.5
turnkey_solutions/sunshop_shopping_cart
2.0
turnkey_solutions/sunshop_shopping_cart
2.1
turnkey_solutions/sunshop_shopping_cart
2.2
turnkey_solutions/sunshop_shopping_cart
2.4
turnkey_solutions/sunshop_shopping_cart
2.5
Published
Jul 03, 2002
Tracked Since
Feb 18, 2026