Affected configuration(s):
cpe:/a:ham3d:ham3d_shop_engine:-
Date published: 2014-06-18T10:55:13.383-04:00
Date last modified: 2014-06-18T14:53:24.447-04:00
CVSS Score: 4.3
Principal attack vector: NETWORK
Complexity: MEDIUM
Reference URL: http://packetstormsecurity.com/files/127050/HAM3D-Shop-Engine-CMS-Cross-Site-Scripting.html
Summary: Cross-site scripting (XSS) vulnerability in rating/rating.php in HAM3D Shop Engine allows remote attackers to inject arbitrary web script or HTML via the ID parameter.