Lucene search
Thomas RyanEDB-ID:24261HistoryJul 07, 2004 - 12:00 a.m.
Comersus Open Technologies Comersus 5.0 - 'comersus_message.asp' Cross-Site Scripting
2004-07-0700:00:00
Thomas Ryan
www.exploit-db.com
24
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/10674/info
Comersus Cart is reported prone to multiple vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks and manipulate parameters to change the price of an order.
Comersus Cart version 5.09 is affected by these issues, however, other versions may be prone to these vulnerabilities as well.
http://www.example.com/comersus/backofficeLite/comersus_backoffice_message.asp?message=<script>alert("VULNERABLE_TO_XSS")</script>Related
nvd
nvd
CVE-2004-0681
2004-08-06 04:00:00
CVE-2007-3324
2007-06-21 18:30:00
cvelist
cvelist
CVE-2004-0681
2004-07-13 04:00:00
CVE-2007-3324
2007-06-21 18:00:00
cve
cve
CVE-2004-0681
2004-08-06 04:00:00
CVE-2007-3324
2007-06-21 18:30:00
prion
prion
Cross site scripting
2007-06-21 18:30:00
nessus
nessus
Comersus Cart Multiple Input Validation Vulnerabilities (SQLi, XSS)
2004-08-02 00:00:00
openvas
openvas
Comersus Cart Cross-Site Scripting Vulnerability
2005-11-03 00:00:00
Comersus Cart Cross-Site Scripting Vulnerability
2005-11-03 00:00:00