Vulnerabilities > CVE-2004-0351 - Multiple vulnerability in Spidersales 2.0

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

spidersales

NVD

Published: 2004-11-23

Updated: 2017-07-11

Summary

Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data.

Vulnerable Configurations

Part	Description	Count
Application	Spidersales Spidersales Spidersales 2.0	1

References

http://lists.grok.org.uk/pipermail/full-disclosure/2004-March/018177.html
http://marc.info/?l=bugtraq&m=107833097705486&w=2
http://www.securityfocus.com/bid/9799
https://exchange.xforce.ibmcloud.com/vulnerabilities/15370