Test ID:	1.3.6.1.4.1.25623.1.0.17227
Category:	Web application abuses
Title:	Brooky CubeCart index.php language XSS Vulnerability
Summary:	CubeCart is vulnerable to cross-site scripting (XSS) and remote; script injection due to a lack of sanitization of user-supplied data.
Description:	Summary: CubeCart is vulnerable to cross-site scripting (XSS) and remote script injection due to a lack of sanitization of user-supplied data. Vulnerability Impact: Successful exploitation of this issue may allow an attacker to execute malicious script code on a vulnerable server. Solution: Update to version 2.0.5 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0442 BugTraq ID: 12549 http://www.securityfocus.com/bid/12549 Bugtraq: 20050214 [NOBYTES.COM: #2] CubeCart 2.0.4 - Multiple Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110842125901191&w=2 Bugtraq: 20050406 RE: [NOBYTES.COM: #6] CubeCart 2.0.6 - Information Disclosure (Google Search) http://marc.info/?l=bugtraq&m=111281888605580&w=2 http://secunia.com/advisories/14272 XForce ISS Database: cubecart-dotdot-directory-traversal(19322) https://exchange.xforce.ibmcloud.com/vulnerabilities/19322 Common Vulnerability Exposure (CVE) ID: CVE-2005-0443 http://www.osvdb.org/14064 XForce ISS Database: cubecart-index-xss(19328) https://exchange.xforce.ibmcloud.com/vulnerabilities/19328
Copyright	Copyright (C) 2005 David Maciejak

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.