Comersus Open Technologies Comersus Cart多个安全漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1108029 漏洞类型 未知
发布时间 2004-07-07 更新时间 2007-01-02
CVE编号 CVE-2004-0681 CNNVD-ID CNNVD-200408-083
漏洞平台 ASP CVSS评分 6.8
|漏洞来源
https://www.exploit-db.com/exploits/24261
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200408-083
|漏洞详情
ComersusCart是一款基于ASP的电子购物程序。ComersusCart不正确处理和过滤用户提交的请求,远程攻击者可以利用这些漏洞更改价格或获得用户敏感信息。第一个问题是'comersus_gatewayPayPal.asp'脚本不正确处理用户提交的请求,攻击者可更改参数使定单在提交给PayPal前更改。第二个问题是多个脚本对用户提交的数据缺少过滤,用户可提交恶意HTML代码,当其他用户浏览器时可导致敏感信息(如用于验证的COOKIE信息)泄露。
|漏洞EXP
source: http://www.securityfocus.com/bid/10674/info
 
Comersus Cart is reported prone to multiple vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks and manipulate parameters to change the price of an order.
 
Comersus Cart version 5.09 is affected by these issues, however, other versions may be prone to these vulnerabilities as well.

http://www.example.com/comersus/backofficeLite/comersus_backoffice_message.asp?message=<script>alert("VULNERABLE_TO_XSS")</script>
|参考资料

来源:BID
名称:10674
链接:http://www.securityfocus.com/bid/10674
来源:XF
名称:comersus-cart-xss(16646)
链接:http://xforce.iss.net/xforce/xfdb/16646
来源:BUGTRAQ
名称:20040707ComersusCartCross-SiteScriptingVulnerability
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=108922169327403&w=2