Description
Cross-site scripting (XSS) vulnerability in subitems.php in PHP Easy Shopping Cart 3.1R allows remote attackers to inject arbitrary web script or HTML via the name parameter.
Exploits (1)
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/56835
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/52324
Exploit x_refsource_misc
http://packetstormsecurity.org/0908-exploits/pesc-xss.txt
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/36168
Scores
EPSS
0.0135
EPSS Percentile
80.2%
Details
CWE
CWE-79
Status
published
Products (1)
ecomstudio/php_easy_shopping_cart
3.1r
Published
May 11, 2010
Tracked Since
Feb 18, 2026