vendor:
Comersus Cart
by:
SecurityFocus
7.5
CVSS
HIGH
SQL Injection, Cross-Site Scripting, Administrator Access
89, 79, 200
CWE
Product Name: Comersus Cart
Affected Version From: Earlier versions
Affected Version To: 6.0.2
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005
Comersus Cart Multiple Vulnerabilities
Comersus Cart is reportedly affected by multiple vulnerabilities. There is a possiblity of gaining administrator access due to a failure of the application to remove an installation script after install. There is the possiblity of SQL injection by passing a malicious HTTP referer header. There are also some possible cross-site scripting issues. The vendor has addressed these issues in Comersus Cart version 6.0.2; earlier version are reportedly vulnerable. The following proof of concept is available for the SQL injection issue: GET /comersus/store/default.asp HTTP/1.1 Referer: <SQLCODE HERE>
Mitigation:
Upgrade to Comersus Cart version 6.0.2 or later
