Cross-Site Scripting Vulnerability in JShop by JShop
CVE-2004-1738

Currently unrated

Key Information:

Vendor: Jshop E-commerce
Status: Jshop Server
Vendor: CVE Published:; 31 December 2004

🔔 Create Jshop E-commerce Vulnerability Alert

What is CVE-2004-1738?

An XSS vulnerability exists in the page.php script of JShop that allows remote attackers to inject arbitrary HTML or web scripts into web pages via the xPage parameter. This can lead to unauthorized actions being performed on behalf of unsuspecting users, potentially compromising sensitive information.

References

http://indohack.sourceforge.net/drponidi/jshop-vuln.txt

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/17075

vdb-entryx_refsource_XF

http://secunia.com/advisories/12345

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Feb 26, 2005
Vulnerability published
Dec 31, 2004

CVE-2004-1738 Data

JSON