Lucene search
MitreCVE-2004-0682HistoryAug 06, 2004 - 4:00 a.m.
CVE-2004-0682
2004-08-0604:00:00
mitre
web.nvd.nist.gov
28
comersus
gateway
paypal
security
vulnerability
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.033
Percentile
91.3%
comersus_gatewayPayPal.asp in Comersus Cart 5.09, and possibly other versions before 5.098, allows remote attackers to change the prices of items by directly modifying them in the URL.
Affected configurations
Node
comersus_open_technologiescomersus_cartMatch5.0.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| comersus_open_technologies | comersus_cart | 5.0.9 | cpe:2.3:a:comersus_open_technologies:comersus_cart:5.0.9:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2004-0682
2004-07-13 04:00:00
nvd
nvd
CVE-2004-0682
2004-08-06 04:00:00
exploitdb
exploitdb
nessus
nessus
Comersus Cart Multiple Input Validation Vulnerabilities (SQLi, XSS)
2004-08-02 00:00:00
openvas
openvas
Comersus Cart Cross-Site Scripting Vulnerability
2005-11-03 00:00:00
Comersus Cart Cross-Site Scripting Vulnerability
2005-11-03 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.033
Percentile
91.3%
Related for CVE-2004-0682