← back
CVE-2010-1541

CVE-2010-1541

EPSS 1.1%
Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) category and (2) list_quantity parameters to index.php, and the (3) category parameter to your.order.php.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://holisticinfosec.org/content/view/135/45/http://osvdb.org/62671http://osvdb.org/62672http://secunia.com/advisories/38635http://www.securityfocus.com/bid/38505