Description
Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Pouya_Server · textwebappsasp
https://www.exploit-db.com/exploits/32611
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/47003
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32568
Exploit x_refsource_misc
http://packetstormsecurity.org/0812-exploits/aspshoppingcart-xss.txt
Scores
EPSS
0.0246
EPSS Percentile
85.3%
Details
CWE
CWE-79
Status
published
Products (1)
codetoad/asp_shopping_cart_script
Published
Mar 20, 2009
Tracked Since
Feb 18, 2026