Arbitrary Script Execution in CGI Online Worldweb Shopping 1.1 (COWS)

Arbitrary Script Execution in CGI Online Worldweb Shopping 1.1 (COWS)

CVE-2002-1680 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shopping 1.1 (a.k.a. COWS) allows remote attackers to execute arbitrary script as other users by injecting script into (1) diagnose.cgi or (2) compatible.cgi.

Learn more about our Web App Pen Testing.