CVE-2007-2968

Published: Jun 1, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in register.php in cpCommerce 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter (Full Name field).

Affected (1)

Products: Cpcommerce: Cpcommerce

Cpcommerce

1 product

Cpcommerce

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cpcommerce Cpcommerce	Up to 1.1.0

References (12)

http://osvdb.org/36697

Source: cve@mitre.org

http://secunia.com/advisories/25424

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/2761

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/469595/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/24166

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/34517

Source: cve@mitre.org

http://osvdb.org/36697