Craig Dansie: >> Dansie Shopping Cart >> 3.0.4 Security Vulnerabilities
The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables.
CVSS Score
5.0
EPSS Score
0.036
Published
2000-04-14
The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form variable.
CVSS Score
5.0
EPSS Score
0.015
Published
2000-04-11
The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields.
CVSS Score
10.0
EPSS Score
0.011
Published
2000-04-11