Thomas Ryan

5 exploits Active since Aug 2004
CVE-2004-2411 EXPLOITDB text WORKING POC
VP-ASP Shopping Cart 4.0-5.0 - Cross-Site Scripting via IMG Tag in cat or msg Parameter
The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 through 5.0 does not sufficiently cleanse inputs, which allows remote attackers to conduct cross-site scripting (XSS) attacks that do not use <script> tags, as demonstrated via javascript in IMG tags to (1) the cat parameter in shopdisplayproducts.asp or (2) the msg parameter in shoperror.asp, and possibly other vectors.
CVE-2004-2701 EXPLOITDB text WORKING POC
AspDotNetStorefront 3.3 - Cross-Site Scripting via signin.aspx returnurl Parameter
Cross-site scripting (XSS) vulnerability in signin.aspx for AspDotNetStorefront 3.3 allows remote attackers to inject arbitrary web script or HTML via the returnurl parameter.
CVE-2004-2699 EXPLOITDB text WRITEUP
AspDotNetStorefront 3.3 - Arbitrary Product Image Deletion via deleteicon.aspx ProductID Parameter
deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter.
CVE-2004-0682 EXPLOITDB text WORKING POC
Comersus Cart 5.09 - Price Manipulation via URL Parameter
comersus_gatewayPayPal.asp in Comersus Cart 5.09, and possibly other versions before 5.098, allows remote attackers to change the prices of items by directly modifying them in the URL.
CVE-2004-0681 EXPLOITDB text WORKING POC
Comersus Cart 5.09 - Cross-Site Scripting via Message Parameter
Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2) comersus_backoffice_message.asp, (3) comersus_supportError.asp, or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute web script as other users via the message parameter.