PT-2006-2703 · Interaktiv · Interaktiv.Shop

Published

2006-04-11

Updated

2017-07-20

CVE-2006-1709

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: interaktiv.shop version 5

Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the pn and sbeg parameters.

Recommendations: For interaktiv.shop version 5, avoid using the pn and sbeg parameters in the affected API endpoint until the issue is resolved. Restrict access to the vulnerable shop main.cgi module to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1709

Affected Products

Interaktiv.Shop

PT-2006-2703 · Interaktiv · Interaktiv.Shop

CVE-2006-1709

Related Identifiers

Affected Products

References · 8