Description
Cross-site scripting (XSS) vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the ordernum parameter.
Exploits (1)
References (4)
Core 4
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23652
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/3089
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31321
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/31690
Scores
EPSS
0.0560
EPSS Percentile
90.4%
Details
Status
published
Products (1)
digitizing_quote_and_ordering_system/digitizing_quote_and_ordering_system
1.0
Published
Jan 09, 2007
Tracked Since
Feb 18, 2026