[] NeoSense
E X P L O I T S
title author type platform port cve id

Comersus Open Technologies Comersus 5.0 - 'comersus_message.asp' Cross-Site Scripting

Author: Thomas Ryan
type: webapps
platform: asp
port: 
date_added: 2004-07-07 
date_updated: 2013-01-20 
verified: 1 
codes: CVE-2004-0681;OSVDB-7955 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/10674/info

Comersus Cart is reported prone to multiple vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks and manipulate parameters to change the price of an order.

Comersus Cart version 5.09 is affected by these issues, however, other versions may be prone to these vulnerabilities as well.

http://www.example.com/comersus/backofficeLite/comersus_backoffice_message.asp?message=<script>alert("VULNERABLE_TO_XSS")</script>
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.