Comersus Open Technologies : Security Vulnerabilities, CVEs, Published In 2004
CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter.
Max CVSS
5.0
EPSS Score
1.72%
Published
2004-09-01
Updated
2017-07-11
comersus_gatewayPayPal.asp in Comersus Cart 5.09, and possibly other versions before 5.098, allows remote attackers to change the prices of items by directly modifying them in the URL.
Max CVSS
7.5
EPSS Score
4.53%
Published
2004-08-06
Updated
2017-07-11
Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2) comersus_backoffice_message.asp, (3) comersus_supportError.asp, or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute web script as other users via the message parameter.
Max CVSS
6.8
EPSS Score
0.49%
Published
2004-08-06
Updated
2017-07-11
3 vulnerabilities found