CVE-2008-6278
Rakhisoftware Shopping Cart - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities in product.php in RakhiSoftware Price Comparison Script (aka Shopping Cart) allow remote attackers to inject arbitrary web script or HTML via the (1) category_id and (2) subcategory_id parameters.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Charalambous Glafkos · textwebappsphp
https://www.exploit-db.com/exploits/32607
Scores
EPSS
0.0090
EPSS Percentile
75.5%
Classification
CWE
CWE-79
Status
published
Affected Products (2)
rakhisoftware/rakhisoftware_shopping_cart
n/a/n/a
Timeline
Published
Feb 25, 2009
Tracked Since
Feb 18, 2026