Comersus Cart could allow price modification
| comersus-cart-price-modification (16645) |  Medium Risk |
Description:
Comersus Cart is vulnerable to price changing by a remote attacker. A remote attacker can change the price of a particular item they intend to buy by embedding code in the OrderTotal variable in a specially-crafted URL request to the comersus_gatewayPayPal.asp script. This vulnerability could allow a remote users to purchase products at any price they choose.
Consequences:
Data Manipulation
Remedy:
Upgrade to the latest version of Comersus Cart (5.098 or later), available from the Comersus Open Technologies Web site. See References.
References:
- BugTraq Mailing List, Wed Jul 07 2004 - 10:15:19 CDT: Comersus Cart Improper Request Handling .
- Comersus Open Technologies Web site: Comersus ASP Shopping Cart Free Download.
- BID-10674: Comersus Open Technologies Comersus Cart Multiple Vulnerabilities
- CVE-2004-0682: comersus_gatewayPayPal.asp in Comersus Cart 5.09, and possibly other versions before 5.098, allows remote attackers to change the prices of items by directly modifying them in the URL.
Platforms Affected:
- Comersus Comersus Cart 5.09
Reported:
Jul 07, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net