Vulnerability Details CVE-2002-0553
Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.031
EPSS Ranking 86.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0154.html
- http://www.iss.net/security_center/static/8840.php
- http://www.securityfocus.com/bid/4506
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0154.html
- http://www.iss.net/security_center/static/8840.php
- http://www.securityfocus.com/bid/4506
Products affected by CVE-2002-0553
-
cpe:2.3:a:turnkey_solutions:sunshop_shopping_cart:1.5
-
cpe:2.3:a:turnkey_solutions:sunshop_shopping_cart:2.0
-
cpe:2.3:a:turnkey_solutions:sunshop_shopping_cart:2.1
-
cpe:2.3:a:turnkey_solutions:sunshop_shopping_cart:2.2
-
cpe:2.3:a:turnkey_solutions:sunshop_shopping_cart:2.4
-
cpe:2.3:a:turnkey_solutions:sunshop_shopping_cart:2.5