Filtered by vendor Spidersales
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0348 | 1 Spidersales | 1 Spidersales | 2025-04-03 | 10.0 HIGH | N/A |
| SQL injection vulnerability in viewCart.asp in SpiderSales shopping cart software allows remote attackers to execute arbitrary SQL via the userId parameter. | |||||
| CVE-2004-0350 | 1 Spidersales | 1 Spidersales | 2025-04-03 | 2.1 LOW | N/A |
| SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it easier for local users to obtain the private key by factoring. | |||||
| CVE-2004-0351 | 1 Spidersales | 1 Spidersales | 2025-04-03 | 2.1 LOW | N/A |
| Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data. | |||||