CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-2190

Multiple SQL injection vulnerabilities in Comersus shopping cart allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to comersus_optAffiliateRegistrationExec.asp or (2) idProduct parameter to comersus_optReviewReadExec.asp.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.1%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=112077057001064&w=2
http://securitytracker.com/id?1014419
http://marc.info/?l=bugtraq&m=112077057001064&w=2
http://securitytracker.com/id?1014419

Products affected by CVE-2005-2190

Comersus Open Technologies » Comersus Cart » Version: Any

cpe:2.3:a:comersus_open_technologies:comersus_cart:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-2190

Products

Pricing

Contact Us