Unrated severityNVD Advisory· Published May 11, 2005· Updated Jun 16, 2026
CVE-2005-1502
CVE-2005-1502
Description
Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the (1) searchstring parameter to search_list.php or the (2) secondgroup or (3) maingroup parameters to item_list.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:midicart_software:midicart_php_shopping_cart:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:midicart_software:midicart_php_shopping_cart:*:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
9- www.securityfocus.com/bid/13516nvdExploit
- www.securityfocus.com/bid/13517nvdExploit
- www.securityfocus.com/bid/13518nvdExploit
- marc.infonvd
- secunia.com/advisories/15269nvd
- www.hackgen.org/advisories/hackgen-2005-004.txtnvd
- www.osvdb.org/16173nvd
- www.osvdb.org/16174nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/20427nvd
News mentions
0No linked articles in our index yet.