CVE-2007-0056

Ashopsoftware Ashop Administration Panel - XSS

Title source: rule
STIX 2.1

Description

Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) ashop/catalogue.php and (b) ashop/basket.php, the (2) exp parameter to ashop/catalogue.php, the (3) searchstring parameter to (c) ashop/search.php, the (4) checkout and (5) action parameters to (d) ashop/shipping.php, the cat parameter to (f) cart-path/admin/editcatalogue.php, and the (7) resultpage parameter to (g) cart-path/admin/salesadmin.php.

Exploits (6)

exploitdb WRITEUP VERIFIED
by Hackers Center Security · textwebappsphp
https://www.exploit-db.com/exploits/29380
exploitdb WRITEUP VERIFIED
by Hackers Center Security · textwebappsphp
https://www.exploit-db.com/exploits/29379
exploitdb WRITEUP VERIFIED
by Hackers Center Security · textwebappsphp
https://www.exploit-db.com/exploits/29382
exploitdb WRITEUP VERIFIED
by Hackers Center Security · textwebappsphp
https://www.exploit-db.com/exploits/29381
exploitdb WRITEUP VERIFIED
by Hackers Center Security · textwebappsphp
https://www.exploit-db.com/exploits/29377
exploitdb WRITEUP VERIFIED
by Hackers Center Security · textwebappsphp
https://www.exploit-db.com/exploits/29378

References (12)

Core 12
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23547
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/455629/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21845
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2091
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/32553
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/32556
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/32554
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/32558
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31178
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/32555
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/32557
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0028

Scores

EPSS 0.0093
EPSS Percentile 76.1%

Details

Status published
Products (2)
ashopsoftware/ashop_administration_panel
ashopsoftware/ashop_deluxe 4.5
Published Jan 04, 2007
Tracked Since Feb 18, 2026