CyberSec.Space Logo
Back to CVE Browser

CVE-2000-0254

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0840%
EPSS Percentile12.31th
PublishedApr 14, 2000
Last ModifiedApr 16, 2026

Vulnerability Description

The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables.

Affected Platforms (CPE)

πŸ“¦
Craig Dansie

Dansie Shopping Cart

= 3.0.4

References & Advisories

πŸ”— http://www.securityfocus.com/bid/1115
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/4954
πŸ”— http://www.securityfocus.com/bid/1115
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/4954

Related Vulnerabilities

CVE-2000-025310.0

The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fiel...

CVE-2000-02525.0

The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form vari...

CVE-2000-12435.0

Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versions, sends sensitive information such as user credentials to ...

CVE-2005-22175.0

Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attack...