http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200507-100

Comersussshoppingcart是一款免费的网站购物车程序。Comersussshoppingcart中存在多个跨站脚本攻击漏洞。可让远程攻击者通过comersus_backoffice_listAssignedPricesToCustomer.asp的name参数或comersus_backoffice_message.asp的message参数注入任意Web脚本或HTML。

来源:BUGTRAQ
名称:20050707[Bdayrelease]ComersusshoppingcarthasmultipleSqlinjection
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=112077057001064&w;=2
来源:BID
名称:15251
链接:http://www.securityfocus.com/bid/15251
来源:SECTRACK
名称:1014419
链接:http://securitytracker.com/id?1014419
来源:MISC
链接:http://downloads.securityfocus.com/vulnerabilities/exploits/backoffice_mult_exp.pl