Unrated severityNVD Advisory· Published Jun 15, 2006· Updated Apr 16, 2026

CVE-2006-3030

Description

Multiple cross-site scripting (XSS) vulnerabilities in DwZone Shopping Cart 1.1.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ToCategory and (2) FromCategory parameters to (a) ProductDetailsForm.asp and (3) UserName and (4) Password parameters to (b) LogIn/VerifyUserLog.asp.

Affected products

Dwzone/Dwzone Shopping Cart
cpe:2.3:a:dwzone:dwzone_shopping_cart:*:*:*:*:*:*:*:*
Range: <=1.1.9

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/20603nvdVendor Advisory
pridels0.blogspot.com/2006/06/dwzone-shopping-cart-xss-vuln.htmlnvd
www.osvdb.org/26401nvd
www.osvdb.org/26402nvd
www.vupen.com/english/advisories/2006/2291nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27032nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000