|
| Description: | | Vanguard Marketplace Digital Products PHP is a PHP-based online trading site script for MP3 and other digital files. A cross-site scripting vulnerability exists in Vanguard Marketplace Digital Products PHP. A remote attacker can inject arbitrary Web script or HTML into the phps_query parameter by sending a request to /search. |
|
| Impact: | | An attacker can conduct a cross-site scripting attack to inject malicious client-side scripts into web pages viewed by other users, or to bypass access controls such as the same-origin policy, if affected version is installed. |
|
| Affected OS: | | Windows, Linux, Others |
|
| Reference: | | https://github.com/d4wner/Vulnerabilities-Report/blob/master/Vanguard.md
|
|