CVE-2004-0351 : Spider Sales shopping cart stores the private key in the same database and table

Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data.

Published 2004-11-23 05:00:00

Updated 2017-07-11 01:30:06

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2004-0351

Spidersales » Spidersales » Version: 2.0
cpe:2.3:a:spidersales:spidersales:2.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2004-0351

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 19 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2004-0351

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2004-0351

https://exchange.xforce.ibmcloud.com/vulnerabilities/15370

CVEs referencing this url
http://www.securityfocus.com/bid/9799

Exploit;Vendor Advisory

CVEs referencing this url
http://lists.grok.org.uk/pipermail/full-disclosure/2004-March/018177.html

CVEs referencing this url
http://marc.info/?l=bugtraq&m=107833097705486&w=2

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2004-0351

Products affected by CVE-2004-0351

Exploit prediction scoring system (EPSS) score for CVE-2004-0351

CVSS scores for CVE-2004-0351

References for CVE-2004-0351