source: https://www.securityfocus.com/bid/10674/info
Comersus Cart is reported prone to multiple vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks and manipulate parameters to change the price of an order.
Comersus Cart version 5.09 is affected by these issues, however, other versions may be prone to these vulnerabilities as well.
http://www.example.com/comersus/backofficeLite/comersus_backoffice_message.asp?message=<script>alert("VULNERABLE_TO_XSS")</script>