Vulnerabilities > CVE-2002-0553 - Unspecified vulnerability in Turnkey Solutions Sunshop Shopping Cart

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

turnkey-solutions

exploit available

NVD

Published: 2002-07-03

Updated: 2008-09-05

Summary

Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration.

Vulnerable Configurations

Part	Description	Count
Application	Turnkey_Solutions Turnkey Solutions Sunshop Shopping Cart 1.5 Turnkey Solutions Sunshop Shopping Cart 2.0 Turnkey Solutions Sunshop Shopping Cart 2.1 Turnkey Solutions Sunshop Shopping Cart 2.2 Turnkey Solutions Sunshop Shopping Cart 2.4 Turnkey Solutions Sunshop Shopping Cart 2.5	6

Exploit-Db

description	SunShop Shopping Cart 1.5/2.x User-Embedded Scripting Vulnerability. CVE-2002-0553. Webapps exploit for php platform
id	EDB-ID:21377
last seen	2016-02-02
modified	2002-04-13
published	2002-04-13
reporter	ppp-design
source	https://www.exploit-db.com/download/21377/
title	SunShop Shopping Cart 1.5/2.x User-Embedded Scripting Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References