Vulnerability Description
Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data.
CVSS Score
2.1
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Spidersales | Spidersales | 2.0 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-March/018177.html
- http://marc.info/?l=bugtraq&m=107833097705486&w=2
- http://www.securityfocus.com/bid/9799ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15370
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-March/018177.html
- http://marc.info/?l=bugtraq&m=107833097705486&w=2
- http://www.securityfocus.com/bid/9799ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15370
FAQ
What is CVE-2004-0351?
CVE-2004-0351 is a vulnerability with a CVSS score of 2.1 (LOW). Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data.
How severe is CVE-2004-0351?
CVE-2004-0351 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0351?
Check the references section above for vendor advisories and patch information. Affected products include: Spidersales Spidersales.