RSS   Vulnerabilities for 'Dansie shopping cart'   RSS

2005-07-12
 
CVE-2005-2217

 

 
Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables.

 
2000-04-14
 
CVE-2000-0254

CWE-Other
 

 
The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables.

 
2000-04-11
 
CVE-2000-0253

CWE-Other
 

 
The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields.

 
 
CVE-2000-0252

 

 
The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form variable.

 


Copyright 2024, cxsecurity.com

 

Back to Top