Lucene search
MitreCVE-2004-0675HistoryAug 06, 2004 - 4:00 a.m.
CVE-2004-0675
2004-08-0604:00:00
mitre
web.nvd.nist.gov
26
cve
2004
0675
cross-site scripting
xss
vulnerability
cart32
shopping cart
remote attackers
web script
getlatestbuilds command
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.2
Confidence
High
EPSS
0.007
Percentile
80.4%
Cross-site scripting (XSS) vulnerability in (1) cart32.exe or (2) c32web.exe in Cart32 shopping cart allows remote attackers to execute arbitrary web script via the cart32 parameter to a GetLatestBuilds command.
Affected configurations
Node
mcmurtrey_whitaker_and_associatescart32Match2.5a
ORmcmurtrey_whitaker_and_associatescart32Match2.6
ORmcmurtrey_whitaker_and_associatescart32Match3.0
ORmcmurtrey_whitaker_and_associatescart32Match3.1
ORmcmurtrey_whitaker_and_associatescart32Match3.5
ORmcmurtrey_whitaker_and_associatescart32Match3.5_build619
ORmcmurtrey_whitaker_and_associatescart32Match3.5a
ORmcmurtrey_whitaker_and_associatescart32Match3.5a_build710
ORmcmurtrey_whitaker_and_associatescart32Match4.4
ORmcmurtrey_whitaker_and_associatescart32Match5.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mcmurtrey_whitaker_and_associates | cart32 | 2.5a | cpe:2.3:a:mcmurtrey_whitaker_and_associates:cart32:2.5a:*:*:*:*:*:*:* |
| mcmurtrey_whitaker_and_associates | cart32 | 2.6 | cpe:2.3:a:mcmurtrey_whitaker_and_associates:cart32:2.6:*:*:*:*:*:*:* |
| mcmurtrey_whitaker_and_associates | cart32 | 3.0 | cpe:2.3:a:mcmurtrey_whitaker_and_associates:cart32:3.0:*:*:*:*:*:*:* |
| mcmurtrey_whitaker_and_associates | cart32 | 3.1 | cpe:2.3:a:mcmurtrey_whitaker_and_associates:cart32:3.1:*:*:*:*:*:*:* |
| mcmurtrey_whitaker_and_associates | cart32 | 3.5 | cpe:2.3:a:mcmurtrey_whitaker_and_associates:cart32:3.5:*:*:*:*:*:*:* |
| mcmurtrey_whitaker_and_associates | cart32 | 3.5_build619 | cpe:2.3:a:mcmurtrey_whitaker_and_associates:cart32:3.5_build619:*:*:*:*:*:*:* |
| mcmurtrey_whitaker_and_associates | cart32 | 3.5a | cpe:2.3:a:mcmurtrey_whitaker_and_associates:cart32:3.5a:*:*:*:*:*:*:* |
| mcmurtrey_whitaker_and_associates | cart32 | 3.5a_build710 | cpe:2.3:a:mcmurtrey_whitaker_and_associates:cart32:3.5a_build710:*:*:*:*:*:*:* |
| mcmurtrey_whitaker_and_associates | cart32 | 4.4 | cpe:2.3:a:mcmurtrey_whitaker_and_associates:cart32:4.4:*:*:*:*:*:*:* |
| mcmurtrey_whitaker_and_associates | cart32 | 5.0 | cpe:2.3:a:mcmurtrey_whitaker_and_associates:cart32:5.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2004-0675
2004-07-13 04:00:00
exploitdb
exploitdb
openvas
openvas
Cart32 GetLatestBuilds XSS
2005-11-03 00:00:00
nvd
nvd
CVE-2004-0675
2004-08-06 04:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.2
Confidence
High
EPSS
0.007
Percentile
80.4%
Related for CVE-2004-0675