Description
CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Maestro De-Seguridad · text · webapps · asp
https://www.exploit-db.com/exploits/24422
References (3)
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109405777905519&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17201
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11083
Scores
EPSS: 0.0583
EPSS Percentile: 90.6%
Details
Status: published
Products (1): comersus_open_technologies/comersus_cart 5.0.991
Published: Sep 01, 2004
Tracked Since: Feb 18, 2026