Lucene search
HistoryAug 06, 2004 - 4:00 a.m.
CVE-2004-0682
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.045 Low
EPSS
Percentile
92.5%
comersus_gatewayPayPal.asp in Comersus Cart 5.09, and possibly other versions before 5.098, allows remote attackers to change the prices of items by directly modifying them in the URL.
Affected configurations
Node
comersus_open_technologiescomersus_cartMatch5.0.9
Related
cve
cve
CVE-2004-0682
2004-08-06 04:00:00
cvelist
cvelist
CVE-2004-0682
2004-07-13 04:00:00
openvas
openvas
Comersus Cart Cross-Site Scripting Vulnerability
2005-11-03 00:00:00
Comersus Cart Cross-Site Scripting Vulnerability
2005-11-03 00:00:00
nessus
nessus
Comersus Cart Multiple Input Validation Vulnerabilities (SQLi, XSS)
2004-08-02 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.045 Low
EPSS
Percentile
92.5%
Related for NVD:CVE-2004-0682