7.5
CVE-2002-0439
- EPSS 1.57%
- Veröffentlicht 26.07.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:26
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting vulnerability in CaupoShop 1.30a and earlier, and possibly CaupoShopPro, allows remote attackers to execute arbitrary Javascript and steal credit card numbers or delete items by injecting the script into new customer information fields such as the message field.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.57% | 0.722 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.iss.net/security_center/static/8431.php
http://www.securityfocus.com/archive/1/261218
http://www.securityfocus.com/bid/4270