CVE-2003-0509

{"id": "CVE-2003-0509", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2003-08-07T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=105709450711395&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/9165", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1007092", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/10098", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/10099", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/10100", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/14101", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/14103", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/14112", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12485", "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=105709450711395&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/9165", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1007092", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/10098", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/10099", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/10100", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/14101", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/14103", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/14112", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12485", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in (1) 10expand.asp, (2) 10browse.asp, and (3) 20review.asp."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n de SQL en Cyberstrong eShop 4.2 y anteriores permite a atacantes remotos robar informaci\u00f3n de autenticaci\u00f3n y ganar privilegios mediante el par\u00e1metro ProductCode en (1) 10expand.asp, (2) 10browse.asp, y (3) 20review.asp."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cyberstrong:eshop:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D9F816B-410A-4418-947E-364403E9A186", "versionEndIncluding": "4.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}