Filtered by vendor Craig Dansie
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0253 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2018-05-02 | 10.0 HIGH | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0254 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2018-05-02 | 5.0 MEDIUM | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables. | |||||
| CVE-2000-0252 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2017-10-09 | 5.0 MEDIUM | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form variable. | |||||
| CVE-2005-2217 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2008-09-05 | 5.0 MEDIUM | N/A |
| Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables. | |||||