CVE-2004-0682: CVE-2004-0682

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2004-0682

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

comersus_gatewayPayPal.asp in Comersus Cart 5.09, and possibly other versions before 5.098, allows remote attackers to change the prices of items by directly modifying them in the URL.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Comersus Open Technologies Comersus Cart多个安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Comersus Cart是一款基于ASP的电子购物程序。 Comersus Cart不正确处理和过滤用户提交的请求，远程攻击者可以利用这些漏洞更改价格或获得用户敏感信息。第一个问题是'comersus_gatewayPayPal.asp'脚本不正确处理用户提交的请求，攻击者可更改参数使定单在提交给PayPal前更改。第二个问题是多个脚本对用户提交的数据缺少过滤，用户可提交恶意HTML代码，当其他用户浏览器时可导致敏感信息(如用于验证的COOKIE信息)泄露。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2004-0682

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2004-0682

Please Login to view more intelligence information

http://www.securityfocus.com/bid/10674vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/16645vdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=108922336529987&w=2mailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2004-0682

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2004-0682

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2004-0682

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2004-0682

III. Intelligence Information for CVE-2004-0682

New Vulnerabilities

V. Comments for CVE-2004-0682

Leave a comment