CVE-2002-0439

Published: Jul 26, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and possibly CaupoShopPro, allows remote attackers to execute arbitrary Javascript and steal credit card numbers or delete items by injecting the script into new customer information fields such as the message field.

Affected (1)

Products: Caupo.net: Cauposhop

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Caupo.net Cauposhop	Up to 1.30a

References (6)

http://www.iss.net/security_center/static/8431.php

Source: cve@mitre.org

Patch

http://www.securityfocus.com/archive/1/261218

Source: cve@mitre.org

http://www.securityfocus.com/bid/4270

Source: cve@mitre.org

Patch

http://www.iss.net/security_center/static/8431.php

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securityfocus.com/archive/1/261218

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/4270

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.