← Back to CVEs

CVE-2005-2191

N/A

Description

Multiple cross-site scripting (XSS) vulnerabilities in Comersus shopping cart allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to comersus_backoffice_listAssignedPricesToCustomer.asp or (2) message parameter to comersus_backoffice_message.asp.

CVE Details

CVSS v3.1 ScoreN/A

Published7/11/2005

Last Modified4/16/2026

Sourcenvd

Honeypot Sightings0

Affected Products

comersus_open_technologies:comersus_cart

References

http://downloads.securityfocus.com/vulnerabilities/exploits/backoffice_mult_exp.pl(cve@mitre.org)

http://marc.info/?l=bugtraq&m=112077057001064&w=2(cve@mitre.org)

http://securitytracker.com/id?1014419(cve@mitre.org)

http://www.securityfocus.com/bid/15251(cve@mitre.org)

http://downloads.securityfocus.com/vulnerabilities/exploits/backoffice_mult_exp.pl(af854a3a-2127-422b-91ae-364da2661108)

http://marc.info/?l=bugtraq&m=112077057001064&w=2(af854a3a-2127-422b-91ae-364da2661108)

http://securitytracker.com/id?1014419(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/15251(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.