Description
Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Shopping Cart Selling Website Script allow remote attackers to inject arbitrary web script or HTML via the (1) txtkeywords and (2) cid parameters.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by 599eme Man · textwebappsphp
https://www.exploit-db.com/exploits/34710
References (3)
Core 3
Core References
Exploit x_refsource_misc
http://packetstormsecurity.org/0907-exploits/scsc-sqlxss.txt
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35894
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1977
Scores
EPSS
0.0086
EPSS Percentile
75.2%
Details
CWE
CWE-79
Status
published
Products (1)
resalecode/php_shopping_cart_selling_website_script
Published
Mar 10, 2010
Tracked Since
Feb 18, 2026