This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.
The remote web application is vulnerable to cross-site scripting.
The remote host runs Pinnacle Cart, a shopping cart software written
The remote version of this software is vulnerable to cross-site
scripting attacks due to a lack of sanity checks on the 'pg' parameter
in the script 'index.php'.
Upgrade to Pinnacle Cart 3.3 or newer.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true