132 matches found
CVE-2005-2191
Multiple cross-site scripting XSS vulnerabilities in Comersus shopping cart allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter to comersusbackofficelistAssignedPricesToCustomer.asp or 2 message parameter to comersusbackofficemessage.asp...
CVE-2005-2190
Multiple SQL injection vulnerabilities in Comersus shopping cart allow remote attackers to execute arbitrary SQL commands via the 1 email parameter to comersusoptAffiliateRegistrationExec.asp or 2 idProduct parameter to comersusoptReviewReadExec.asp...
CVE-2005-2191
CVE-2005-2191 concerns multiple XSS vulnerabilities in Comersus shopping cart. The flaws allow remote attackers to inject arbitrary web script or HTML via the name parameter in comersus_backoffice_listAssignedPricesToCustomer.asp or the message parameter in comersus_backoffice_message.asp. This r...
CVE-2005-2190
CVE-2005-2190 concerns multiple SQL injection flaws in Comersus Shop Cart. Remote attackers can inject via (1) email to comersus_optAffiliateRegistrationExec.asp or (2) idProduct to comersus_optReviewReadExec.asp, potentially executing arbitrary SQL on the database. The NVD notes a Base Score of ...
[Bday release] Comersus shopping cart has multiple Sql injection and Cross Site Scripting vulnerabilities
Dcrab 's Security Advisory http://www.dbtech.org Deadbolt Computer Technologies SPECIAL BIRTHDAY RELEASE, 18TH BIRTHDAY RELEASE FOR DIABOLIC CRAB, YOU CAN SEND EMAILS TO [email protected] Get Dcrab's Services to audit your Web servers, scripts, networks, etc or even code them. Learn more at...
Comersus Cart Multiple Vulnerabilities (SQLi, XSS)
The version of Comersus Cart installed on the remote host suffers from multiple SQL injection and cross-site scripting flaws due to its failure to sanitize user-supplied input. Attackers may be able to exploit these flaws to influence database queries or cause arbitrary HTML and script code to be...
Comersus Cart <= 6.0.41 Multiple XSS / SQL Injection
Binary data 3054.prm...
comersusMulti.txt
------=NextPart001001101C58325.76D757E0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Dcrab 's Security Advisory http://www.dbtech.org Deadbolt Computer Technologies SPECIAL BIRTHDAY RELEASE, 18TH BIRTHDAY RELEASE FOR DIABOLIC CRAB, YOU = CAN SEND EMAI...
Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities
Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/14191/info Comersus Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize...
Comersus Open Technologies Comersus Cart 6.0.41 - Multiple SQL Injections
Comersus Open Technologies Comersus Cart 6.0.41 - Multiple SQL Injections source: https://www.securityfocus.com/bid/14183/info Comersus Cart is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before usi...
Comersus Open Technologies Comersus Cart 6.0.41 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/14183/info Comersus Cart is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise...
Comersus Open Technologies Comersus Cart 6.0.41 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/14191/info Comersus Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...
CVE-2005-1188
Cross-site scripting XSS vulnerability in comersussearchItem.asp in Comersus 3.90 to 4.51 allows remote attackers to inject arbitrary web script or HTML via the curPage parameter...
CVE-2005-0303
Multiple cross-site scripting XSS vulnerabilities in 1 comersussupportError.asp or 2 comersusbackofficelitesupportError.asp in BackOffice Lite 6.0 and 6.01 allow remote attackers to inject arbitrary web script or HTML via the error parameter...
CVE-2005-1010
Cross-site scripting XSS vulnerability in Comersus Cart 6 allows remote attackers to inject arbitrary web script or HTML via the account username...
[HSC Security Group] Comersus v6 Script injection
Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Title: Comersus v6 Shopping Cart Sever Script injection Risk: High Comersus is one of the most used Shopping Cart software written in asp, available for nix and windows platforms. A critical script injection can...
CVE-2005-1188
CVE-2005-1188 involves a cross-site scripting (XSS) vulnerability in Comersus Cart, specifically in the comersus_searchItem.asp script. Affected versions range from 3.90 to 4.51. The underlying issue is insufficient sanitization of the curPage parameter, enabling remote attackers to inject arbitr...
CVE-2005-1188
Cross-site scripting XSS vulnerability in comersussearchItem.asp in Comersus 3.90 to 4.51 allows remote attackers to inject arbitrary web script or HTML via the curPage parameter...
comersusv6.txt
--Alt-Boundary-27163.23868601 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Title: Comersus v6 Shopping Cart Sever Script injection Risk: High...
Comersus Cart 4.05.0 - Comersus_Search_Item.asp Cross-Site Scripting
Comersus Cart 4.05.0 - ComersusSearchItem.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13125/info Comersus Cart is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly validate user-supplied input. An attacker may...