CVE-2008-0558

Uniwin Ecart Professional - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Uniwin eCart Professional before 2.0.16 allows remote attackers to inject arbitrary web script or HTML via the rp parameter to cartView.asp and unspecified other components. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References (2)

Scores

EPSS 0.0029
EPSS Percentile 51.8%

Classification

CWE
CWE-79
Status draft

Affected Products (4)

uniwin/ecart_professional
uniwin/ecart_professional
uniwin/ecart_professional
uniwin/ecart_professional

Timeline

Published Feb 04, 2008
Tracked Since Feb 18, 2026