Lucene search
K

5 matches found

Cvelist
Cvelist
added 2005/05/10 4:0 a.m.19 views

CVE-2004-1881

SQL injection vulnerability in 1 mailorder.asp or 2 payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter...

8.3AI score0.03067EPSS
Exploits1References8
CVE
CVE
added 2005/05/10 4:0 a.m.62 views

CVE-2004-1881

CVE-2004-1881 affects CactuShop 5.x. The SQL injection vulnerability occurs in mailorder.asp and payonline.asp, where the user-supplied strItems parameter is not filtered before use in an SQL query, allowing remote attackers to modify queries and potentially execute system commands (e.g., via xp_...

7.5CVSS8.4AI score0.03067EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2005/05/10 4:0 a.m.44 views

CVE-2004-1882

CVE-2004-1882 concerns CactuShop 5.x (ASP). The vulnerability is a cross-site scripting (XSS) flaw in the script popuplargeimage.asp, exploitable via the user-controlled parameter strImageTag . OpenVAS notes that the remote host runs CactuShop and that lack of sanitization can enable execution of...

4.3CVSS5.7AI score0.04031EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.16 views

CVE-2004-1882

Cross-site scripting XSS vulnerability in popuplargeimage.asp in CactuShop 5.x allows remote attackers to inject arbitrary web script or HTML via the strImageTag parameter...

4.3CVSS5.7AI score0.04031EPSS
Exploits1References7
NVD
NVD
added 2004/12/31 5:0 a.m.14 views

CVE-2004-1881

SQL injection vulnerability in 1 mailorder.asp or 2 payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter...

7.5CVSS8.3AI score0.03067EPSS
Exploits1References8
Rows per page
Query Builder