Intrusion Prevention

Mini.Web.Shop.Viewcategory.PHP.XSS

Description

This indicates a possible exploit of a cross-site scripting vulnerability in modules/viewcategory.php, in Mini Web Shop, that may allow remote attackers to inject an arbitrary web script or HTML via the catname parameter.

Affected Products

ObieWebsite Mini Web Shop 2.1.c

Impact

Stealing cookie based information.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References

CVE-2006-6734