Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2007-3324
Disclosure Date: June 21, 2007 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 7.07 allow remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter to (1) comersus_customerAuthenticateForm.asp or (2) comersus_message.asp, different vectors than CVE-2004-0681.
0
Attacker Value
Unknown
CVE-2004-0681
Disclosure Date: August 06, 2004 (last updated February 22, 2025)
Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2) comersus_backoffice_message.asp, (3) comersus_supportError.asp, or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute web script as other users via the message parameter.
0
