Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and possibly CaupoShopPro, allows remote attackers to execute arbitrary Javascript and steal credit card numbers or delete items by injecting the script into new customer information fields such as the message field.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-06-11T04:00:00
Updated: 2002-06-15T09:00:00
Reserved: 2002-06-07T00:00:00
Link: CVE-2002-0439
JSON object: View
NVD Information
Status : Analyzed
Published: 2002-07-26T04:00:00.000
Modified: 2008-09-05T20:28:01.837
Link: CVE-2002-0439
JSON object: View
Redhat Information
No data.
CWE