CyberSec.Space Logo
CVEブラウザに戻る

CVE-2000-0254

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0840%
EPSS Percentile12.31th
Published2000年4月14日
Last Modified2026年4月16日

Vulnerability Description

The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables.

Affected Platforms (CPE)

📦
Craig Dansie

Dansie Shopping Cart

= 3.0.4

References & Advisories

🔗 http://www.securityfocus.com/bid/1115
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/4954
🔗 http://www.securityfocus.com/bid/1115
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/4954

関連する脆弱性情報

CVE-2000-025310.0

The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fiel...

CVE-2000-02525.0

The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form vari...

CVE-2000-12435.0

Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versions, sends sensitive information such as user credentials to ...

CVE-2005-22175.0

Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attack...