Vendor

Comersus

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2007-3323	Comersus Open Technologies Comersus Cart		0.03	—	0.01		Jun 21, 2007	SQL injection vulnerability in comersus_optReviewReadExec.asp in Comersus Shop Cart 7.07 allows remote attackers to execute arbitrary SQL commands via the idProduct parameter. NOTE: this might be the same as CVE-2005-2190.2.
CVE-2005-1188	Comersus Open Technologies Comersus Cart		0.03	—	0.01		May 2, 2005	Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in Comersus 3.90 to 4.51 allows remote attackers to inject arbitrary web script or HTML via the curPage parameter.

CVE-2007-3323Jun 21, 2007
Comersus Open Technologies
Comersus Cart
risk 0.03cvss —epss 0.01
SQL injection vulnerability in comersus_optReviewReadExec.asp in Comersus Shop Cart 7.07 allows remote attackers to execute arbitrary SQL commands via the idProduct parameter. NOTE: this might be the same as CVE-2005-2190.2.
CVE-2005-1188May 2, 2005
Comersus Open Technologies
Comersus Cart
risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in Comersus 3.90 to 4.51 allows remote attackers to inject arbitrary web script or HTML via the curPage parameter.