Spidersales Spidersales : Security vulnerabilities, CVEs

Copy

CVE-2004-0348

SQL injection vulnerability in viewCart.asp in SpiderSales shopping cart software allows remote attackers to execute arbitrary SQL via the userId parameter.

Max CVSS

10.0

EPSS Score

0.22%

Published

2004-11-23

Updated

2017-07-11

CVE-2004-0350

SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it easier for local users to obtain the private key by factoring.

Max CVSS

2.1

EPSS Score

0.04%

Published

2004-11-23

Updated

2017-07-11

CVE-2004-0351

Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data.

Max CVSS

2.1

EPSS Score

0.04%

Published

2004-11-23

Updated

2017-07-11

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!