CVE-2006-5190 | osCommerce stats_products_purchased.php page cross site scripting (EDB-28743 / XFDB-29355)
A vulnerability was found in osCommerce. It has been rated as problematic. Impacted is an unknown function of the file admin/stats_products_purchased.php. The manipulation of the argument page leads to basic cross site scripting.
This vulnerability is traded as CVE-2006-5190. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.