RSS   Vulnerabilities for 'Spidersales'   RSS

2004-11-23
 
CVE-2004-0351

 

 
Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data.

 
 
CVE-2004-0350

 

 
SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it easier for local users to obtain the private key by factoring.

 
 
CVE-2004-0348

 

 
SQL injection vulnerability in viewCart.asp in SpiderSales shopping cart software allows remote attackers to execute arbitrary SQL via the userId parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top