Vulnerability Description
Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Turnkey Solutions | Sunshop Shopping Cart | 1.5 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0154.htmlVendor Advisory
- http://www.iss.net/security_center/static/8840.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4506ExploitVendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0154.htmlVendor Advisory
- http://www.iss.net/security_center/static/8840.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4506ExploitVendor Advisory
FAQ
What is CVE-2002-0553?
CVE-2002-0553 is a vulnerability with a CVSS score of 7.5 (HIGH). Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration.
How severe is CVE-2002-0553?
CVE-2002-0553 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0553?
Check the references section above for vendor advisories and patch information. Affected products include: Turnkey Solutions Sunshop Shopping Cart.