CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Early Impact: >> Productcart >> 2.0 Security Vulnerabilities

CVE-2004-2173

SQL injection vulnerability in advSearch_h.asp in EarlyImpact ProductCart allows remote attackers to execute arbitrary SQL commands via the priceUntil parameter.

CVSS Score

7.5

EPSS Score

0.02

Published

2004-12-31

CVE-2004-2174

Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbitrary Javascript via the redirectUrl parameter.

CVSS Score

4.3

EPSS Score

0.011

Published

2004-12-31

CVE-2003-1304

EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information via a direct request.

CVSS Score

5.0

EPSS Score

0.075

Published

2003-12-31

Page 1

Vulnerabilities

Vulnerable Software

Early Impact: >> Productcart >> 2.0 Security Vulnerabilities

Products

Pricing

Contact Us