Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie.
https://exchange.xforce.ibmcloud.com/vulnerabilities/75673
http://www.securityfocus.com/bid/53539
http://www.kent-web.com/cart/mart.html