BlackIce Server Protect versions 3.6cno and below from Internet Security Systems installs a firewall ruleset that can be removed or modified by any trusted or local unprivileged user.
f4772cb504ab957ef7193a8d03b9130f45c9592b768c32a0241b609c051209a1
Comersus Cart versions 5.09 and below suffer from a flaw where improper request handling allows a malicious user to modify pricing parameters prior to purchase.
24367fcbf2171f9cbdfde6c465ac797456d1314bcf105f78bc1d75b7d371abd0
Comersus Cart version 5.09 is susceptible to a cross site scripting flaw.
cfb6586b42f4125af066129ea143a270dcdaae62ca6fdb017e964e70d0ffd47f
VP-ASP Shopping Cart version 5.x is remote susceptible to cross site scripting and SQL injection attacks.
db8830218c1a550f3a985dfb8800743c8e466a48417e32a30fe90ed3bf11b96a
AspDotNetStorefront version 3.3 has a flaw that allows a remote attacker the ability to delete images off of a server due to a lack of input validation.
0244a82608fea01217f84f916119ab814c93d08eb9a2d684b836dac5023d41f5
AspDotNetStorefront 3.3 is susceptible to cross site scripting attacks.
1eb56fae16eaac67ad293e449ed3a276d2fc44db852094fe8eb332bc05476974