Comersus Cart Security Vulnerabilities and Issues — Comersus Cart CVE List

Lucene search

Comersus Open TechnologiesComersus Cart

4 matches found

CVE•added 2007/06/21 6:30 p.m.•60 views

CVE-2007-3324

Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 7.07 allow remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter to (1) comersus_customerAuthenticateForm.asp or (2) comersus_message.asp, different vectors than CVE-2004-0681.

4.3CVSS5.6AI score0.04332EPSS

CVE•added 2005/05/02 4:0 a.m.•46 views

CVE-2005-1188

Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in Comersus 3.90 to 4.51 allows remote attackers to inject arbitrary web script or HTML via the curPage parameter.

4.3CVSS5.7AI score0.00834EPSS

CVE•added 2005/07/11 4:0 a.m.•40 views

CVE-2005-2191

Multiple cross-site scripting (XSS) vulnerabilities in Comersus shopping cart allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to comersus_backoffice_listAssignedPricesToCustomer.asp or (2) message parameter to comersus_backoffice_message.asp.

4.3CVSS5.8AI score0.00346EPSS

CVE•added 2005/05/02 4:0 a.m.•32 views

CVE-2005-1010

Cross-site scripting (XSS) vulnerability in Comersus Cart 6 allows remote attackers to inject arbitrary web script or HTML via the account username.

4.3CVSS5.7AI score0.00346EPSS