Cross-site Scripting Vulnerability in iScripts eSwap from iScripts
CVE-2010-5035

Currently unrated

Key Information:

Vendor

Iscripts

Status
Eswap
Vendor
CVE Published:
2 November 2011

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2010-5035?

The iScripts eSwap 2.0 product has a vulnerability in its search.php file that permits remote attackers to inject malicious web scripts or HTML via the txtHomeSearch parameter. By exploiting this vulnerability, an attacker could execute scripts in the context of the user's browser, potentially leading to the theft of session cookies, credentials, or other sensitive data. It is crucial for users of this product to apply necessary patches and maintain vigilance against such attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/59148
vdb-entryx_refsource_XF
http://packetstormsecurity.org/1006-exploits/iscriptsewap...
x_refsource_MISC
http://www.vupen.com/english/advisories/2010/1360
vdb-entryx_refsource_VUPEN

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.