Vendor
Spidersales
Products
2
CVEs
4
Across products
4
Status
Private
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
4| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2004-0348 | 0.03 | — | 0.01 | Nov 23, 2004 | SQL injection vulnerability in viewCart.asp in SpiderSales shopping cart software allows remote attackers to execute arbitrary SQL via the userId parameter. | ||
| CVE-2021-38350 | 0.00 | — | 0.00 | Sep 10, 2021 | The spideranalyse WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the date parameter found in the ~/analyse/index.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.1. | ||
| CVE-2004-0350 | 0.00 | — | 0.00 | Nov 23, 2004 | SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it easier for local users to obtain the private key by factoring. | ||
| CVE-2004-0351 | 0.00 | — | 0.00 | Nov 23, 2004 | Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data. |