Lucene search
HistoryJun 21, 2007 - 6:30 p.m.
CVE-2007-3324
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.2%
Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 7.07 allow remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter to (1) comersus_customerAuthenticateForm.asp or (2) comersus_message.asp, different vectors than CVE-2004-0681.
Affected configurations
Node
comersus_open_technologiescomersus_cartMatch7.07
Related
cve
cve
CVE-2007-3324
2007-06-21 18:30:00
CVE-2004-0681
2004-08-06 04:00:00
cvelist
cvelist
CVE-2007-3324
2007-06-21 18:00:00
CVE-2004-0681
2004-07-13 04:00:00
prion
prion
Cross site scripting
2007-06-21 18:30:00
nvd
nvd
CVE-2004-0681
2004-08-06 04:00:00
openvas
openvas
Comersus Cart Cross-Site Scripting Vulnerability
2005-11-03 00:00:00
Comersus Cart Cross-Site Scripting Vulnerability
2005-11-03 00:00:00
nessus
nessus
Comersus Cart Multiple Input Validation Vulnerabilities (SQLi, XSS)
2004-08-02 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.2%
Related for NVD:CVE-2007-3324