Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-3313

Malware in sbrugna...

7.5CVSS6.4AI score0.01041EPSS
Exploits1References6
OSV
OSV
added 2021/01/26 6:15 p.m.1 views

CVE-2020-23447

newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle. Users only need to write xss payload in their address information when buying goods, which is triggered when viewing the "View Recipient Information" of this order in "Order Management Office"...

6.1CVSS6.3AI score0.0066EPSS
Exploits1References1
NVD
NVD
added 2021/01/26 6:15 p.m.17 views

CVE-2020-23447

newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle. Users only need to write xss payload in their address information when buying goods, which is triggered when viewing the "View Recipient Information" of this order in "Order Management Office"...

6.1CVSS6AI score0.0066EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/01/26 5:15 p.m.16 views

CVE-2020-23447

newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle. Users only need to write xss payload in their address information when buying goods, which is triggered when viewing the "View Recipient Information" of this order in "Order Management Office"...

6AI score0.0066EPSS
Exploits1References1
CVE
CVE
added 2021/01/26 5:15 p.m.44 views

CVE-2020-23447

CVE-2020-23447 affects newbee-mall 1.0 with a cross-site scripting vulnerability in shop-cart/settle. An attacker can inject an XSS payload in the address information during purchase, triggered when viewing the Order Management Office’s “View Recipient Information.” Connected CNVD/CVEs corroborat...

6.1CVSS5.9AI score0.0066EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2007/06/21 6:30 p.m.86 views

Sql injection

SQL injection vulnerability in comersusoptReviewReadExec.asp in Comersus Shop Cart 7.07 allows remote attackers to execute arbitrary SQL commands via the idProduct parameter. NOTE: this might be the same as CVE-2005-2190.2...

7.5CVSS8.7AI score0.01141EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2007/06/21 6:30 p.m.95 views

CVE-2007-3323

SQL injection vulnerability in comersusoptReviewReadExec.asp in Comersus Shop Cart 7.07 allows remote attackers to execute arbitrary SQL commands via the idProduct parameter. NOTE: this might be the same as CVE-2005-2190.2...

7.5CVSS8.2AI score0.01041EPSS
Exploits1References5
Cvelist
Cvelist
added 2007/06/21 6:0 p.m.20 views

CVE-2007-3323

SQL injection vulnerability in comersusoptReviewReadExec.asp in Comersus Shop Cart 7.07 allows remote attackers to execute arbitrary SQL commands via the idProduct parameter. NOTE: this might be the same as CVE-2005-2190.2...

8.2AI score0.01041EPSS
Exploits1References5
CVE
CVE
added 2007/06/21 6:0 p.m.268 views

CVE-2007-3323

CVE-2007-3323 describes an SQL injection in Comersus Shop Cart 7.07, exploitable via the idProduct parameter to comersus_optReviewReadExec.asp. Remote attackers could execute arbitrary SQL commands; the description notes it may be the same issue as CVE-2005-2190. No remediation or version-specifi...

7.5CVSS8.2AI score0.01041EPSS
Exploits1References5Affected Software1
Packet Storm
Packet Storm
added 2007/06/21 12:0 a.m.40 views

csc-sqlxss.txt

--- Comersus Shop Cart 7.07 SQL Injection & XSS Comersus is an active server pages asp software for running shopping stores, integrated with the rest of your web site. Comersus ASP Cart is free and IT CAN BE used for commercial purposes. An attacker may leverage this issue to have arbitrary scrip...

7.4AI score
Exploits0
Rows per page
Query Builder