Unrated severityNVD Advisory· Published Dec 16, 2005· Updated Apr 16, 2026

CVE-2005-4285

Description

Cross-site scripting (XSS) vulnerability in pdestore.cgi in Dick Copits PDEstore 1.8 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the search module parameter or the (2) product and (3) cart_id parameters.

Affected products

Dick Copits/Pdestore
cpe:2.3:a:dick_copits:pdestore:*:*:*:*:*:*:*:*
Range: <=1.8

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/15898nvdExploit
secunia.com/advisories/18042nvdVendor Advisory
pridels0.blogspot.com/2005/12/pdestore-xss-vuln.htmlnvd
www.osvdb.org/21727nvd
www.vupen.com/english/advisories/2005/2912nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000