CVE-2009-2032

CVE-2009-2032

EPSS 1.1%

Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, when downloaded before 20070308, allows remote attackers to inject arbitrary web script or HTML via the search parameter.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://osvdb.org/55020 http://packetstorm.linuxsecurity.com/0906-exploits/pdshoppro-xss.txt http://secunia.com/advisories/34200