CyberSec.Space Logo
Back to CVE Browser

CVE-2004-0348

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1970%
EPSS Percentile14.67th
PublishedNov 23, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in viewCart.asp in SpiderSales shopping cart software allows remote attackers to execute arbitrary SQL via the userId parameter.

Affected Platforms (CPE)

πŸ“¦
Spidersales

Spidersales

= 2.0

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=107833097705486&w=2
πŸ”— http://www.s-quadra.com/advisories/Adv-20040303.txt
πŸ”— http://www.securityfocus.com/bid/9799
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/15371
πŸ”— http://marc.info/?l=bugtraq&m=107833097705486&w=2
πŸ”— http://www.s-quadra.com/advisories/Adv-20040303.txt
πŸ”— http://www.securityfocus.com/bid/9799
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/15371

Related Vulnerabilities

CVE-2004-03502.1

SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it easier for local users to obtai...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...