Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0439

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0439
Last Modified 05 Sep 2008 04:28:01
Published 26 Jul 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0439

Summary

Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and possibly CaupoShopPro, allows remote attackers to execute arbitrary Javascript and steal credit card numbers or delete items by injecting the script into new customer information fields such as the message field.

Vulnerable Systems

Application

  • Caupo.net Cauposhop 1.30a


References

BID - 4270

XF - cauposhop-user-info-css(8431)

BUGTRAQ - 20020311 CaupoShop: cross-site-scripting bug


Last Updated: 27 May 2016 10:36:54