Lucene search
MitreCVE-2005-2190HistoryJul 11, 2005 - 4:00 a.m.
CVE-2005-2190
2005-07-1104:00:00
mitre
web.nvd.nist.gov
142
cve-2005-2190
sql injection
comersus shopping cart
remote attackers
arbitrary sql commands
email parameter
idproduct parameter
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.002
Percentile
52.0%
Multiple SQL injection vulnerabilities in Comersus shopping cart allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to comersus_optAffiliateRegistrationExec.asp or (2) idProduct parameter to comersus_optReviewReadExec.asp.
Affected configurations
Node
comersus_open_technologiescomersus_cart
| Vendor | Product | Version | CPE |
|---|---|---|---|
| comersus_open_technologies | comersus_cart | * | cpe:2.3:a:comersus_open_technologies:comersus_cart:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2005-2190
2005-07-10 04:00:00
CVE-2007-3323
2007-06-21 18:00:00
nvd
nvd
CVE-2005-2190
2005-07-11 04:00:00
CVE-2007-3323
2007-06-21 18:30:00
nessus
nessus
Comersus Cart Multiple Vulnerabilities (SQLi, XSS)
2005-07-08 00:00:00
cve
cve
CVE-2007-3323
2007-06-21 18:30:00
prion
prion
Sql injection
2007-06-21 18:30:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.002
Percentile
52.0%
Related for CVE-2005-2190