Lucene search
+L

132 matches found

cvelist
cvelist
added 2005/07/10 4:0 a.m.22 views

CVE-2005-2191

Multiple cross-site scripting XSS vulnerabilities in Comersus shopping cart allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter to comersusbackofficelistAssignedPricesToCustomer.asp or 2 message parameter to comersusbackofficemessage.asp...

5.7AI score0.01208EPSS
Exploits0References4
cvelist
cvelist
added 2005/07/10 4:0 a.m.22 views

CVE-2005-2190

Multiple SQL injection vulnerabilities in Comersus shopping cart allow remote attackers to execute arbitrary SQL commands via the 1 email parameter to comersusoptAffiliateRegistrationExec.asp or 2 idProduct parameter to comersusoptReviewReadExec.asp...

8.4AI score0.01141EPSS
Exploits0References2
cve
cve
added 2005/07/10 4:0 a.m.53 views

CVE-2005-2191

CVE-2005-2191 concerns multiple XSS vulnerabilities in Comersus shopping cart. The flaws allow remote attackers to inject arbitrary web script or HTML via the name parameter in comersus_backoffice_listAssignedPricesToCustomer.asp or the message parameter in comersus_backoffice_message.asp. This r...

4.3CVSS5.8AI score0.01208EPSS
Exploits0References4Affected Software1
cve
cve
added 2005/07/10 4:0 a.m.164 views

CVE-2005-2190

CVE-2005-2190 concerns multiple SQL injection flaws in Comersus Shop Cart. Remote attackers can inject via (1) email to comersus_optAffiliateRegistrationExec.asp or (2) idProduct to comersus_optReviewReadExec.asp, potentially executing arbitrary SQL on the database. The NVD notes a Base Score of ...

7.5CVSS8.5AI score0.01141EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2005/07/08 12:0 a.m.108 views

[Bday release] Comersus shopping cart has multiple Sql injection and Cross Site Scripting vulnerabilities

Dcrab 's Security Advisory http://www.dbtech.org Deadbolt Computer Technologies SPECIAL BIRTHDAY RELEASE, 18TH BIRTHDAY RELEASE FOR DIABOLIC CRAB, YOU CAN SEND EMAILS TO [email protected] Get Dcrab's Services to audit your Web servers, scripts, networks, etc or even code them. Learn more at...

6.9AI score
Exploits0
nessus
nessus
added 2005/07/08 12:0 a.m.32 views

Comersus Cart Multiple Vulnerabilities (SQLi, XSS)

The version of Comersus Cart installed on the remote host suffers from multiple SQL injection and cross-site scripting flaws due to its failure to sanitize user-supplied input. Attackers may be able to exploit these flaws to influence database queries or cause arbitrary HTML and script code to be...

7.5CVSS5.6AI score0.01208EPSS
Exploits0References3
nessus
nessus
added 2005/07/07 12:0 a.m.22 views

Comersus Cart <= 6.0.41 Multiple XSS / SQL Injection

Binary data 3054.prm...

7.5CVSS7.3AI score0.01394EPSS
Exploits1References4
packetstorm
packetstorm
added 2005/07/07 12:0 a.m.15 views

comersusMulti.txt

------=NextPart001001101C58325.76D757E0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Dcrab 's Security Advisory http://www.dbtech.org Deadbolt Computer Technologies SPECIAL BIRTHDAY RELEASE, 18TH BIRTHDAY RELEASE FOR DIABOLIC CRAB, YOU = CAN SEND EMAI...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/07/07 12:0 a.m.8 views

Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities

Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/14191/info Comersus Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize...

7AI score
Exploits0
exploitpack
exploitpack
added 2005/07/07 12:0 a.m.24 views

Comersus Open Technologies Comersus Cart 6.0.41 - Multiple SQL Injections

Comersus Open Technologies Comersus Cart 6.0.41 - Multiple SQL Injections source: https://www.securityfocus.com/bid/14183/info Comersus Cart is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before usi...

0.5AI score
Exploits0
exploitdb
exploitdb
added 2005/07/07 12:0 a.m.26 views

Comersus Open Technologies Comersus Cart 6.0.41 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/14183/info Comersus Cart is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2005/07/07 12:0 a.m.26 views

Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/14191/info Comersus Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...

7AI score
Exploits0
nvd
nvd
added 2005/05/02 4:0 a.m.19 views

CVE-2005-1188

Cross-site scripting XSS vulnerability in comersussearchItem.asp in Comersus 3.90 to 4.51 allows remote attackers to inject arbitrary web script or HTML via the curPage parameter...

4.3CVSS5.7AI score0.0362EPSS
Exploits1References5
nvd
nvd
added 2005/05/02 4:0 a.m.17 views

CVE-2005-0303

Multiple cross-site scripting XSS vulnerabilities in 1 comersussupportError.asp or 2 comersusbackofficelitesupportError.asp in BackOffice Lite 6.0 and 6.01 allow remote attackers to inject arbitrary web script or HTML via the error parameter...

4.3CVSS5.8AI score0.01164EPSS
Exploits0References3
nvd
nvd
added 2005/05/02 4:0 a.m.15 views

CVE-2005-1010

Cross-site scripting XSS vulnerability in Comersus Cart 6 allows remote attackers to inject arbitrary web script or HTML via the account username...

4.3CVSS5.7AI score0.01177EPSS
Exploits0References4
securityvulns
securityvulns
added 2005/04/27 12:0 a.m.24 views

[HSC Security Group] Comersus v6 Script injection

Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Title: Comersus v6 Shopping Cart Sever Script injection Risk: High Comersus is one of the most used Shopping Cart software written in asp, available for nix and windows platforms. A critical script injection can...

7.2AI score
Exploits0
cve
cve
added 2005/04/19 4:0 a.m.57 views

CVE-2005-1188

CVE-2005-1188 involves a cross-site scripting (XSS) vulnerability in Comersus Cart, specifically in the comersus_searchItem.asp script. Affected versions range from 3.90 to 4.51. The underlying issue is insufficient sanitization of the curPage parameter, enabling remote attackers to inject arbitr...

4.3CVSS5.7AI score0.0362EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2005/04/19 4:0 a.m.21 views

CVE-2005-1188

Cross-site scripting XSS vulnerability in comersussearchItem.asp in Comersus 3.90 to 4.51 allows remote attackers to inject arbitrary web script or HTML via the curPage parameter...

5.7AI score0.0362EPSS
Exploits1References5
packetstorm
packetstorm
added 2005/04/17 12:0 a.m.33 views

comersusv6.txt

--Alt-Boundary-27163.23868601 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Title: Comersus v6 Shopping Cart Sever Script injection Risk: High...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/04/12 12:0 a.m.20 views

Comersus Cart 4.05.0 - Comersus_Search_Item.asp Cross-Site Scripting

Comersus Cart 4.05.0 - ComersusSearchItem.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13125/info Comersus Cart is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly validate user-supplied input. An attacker may...

6.8AI score
Exploits0
Rows per page
Query Builder