Shodan
Vulnerabilities
Vulnerable Software
Comersus Open Technologies:  >> Comersus Backoffice Plus  Security Vulnerabilities
CVE-2005-3397
Cross-site scripting (XSS) vulnerability in Comersus BackOffice allows remote attackers to inject arbitrary web script or HTML via the error parameter to comersus_backoffice_supportError.asp. NOTE: the comersus_backoffice_message.asp/message vector is already covered by CVE-2005-2191 item 2.
CVSS Score
4.3
EPSS Score
0.006
Published
2005-11-01
CVE-2005-3285
Cross-site scripting (XSS) vulnerability in comersus_backoffice_searchItemForm.asp in Comersus BackOffice Plus allows remote attackers to inject arbitrary web script or HTML via the (1) forwardTo1, (2) forwardTo2, (3) nameFT1, or (4) nameFT2 parameters.
CVSS Score
4.3
EPSS Score
0.007
Published
2005-10-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved