Vulnerabilities > CVE-2000-0253 - Unspecified vulnerability in Craig Dansie Shopping Cart 3.0.4

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
craig-dansie
critical
nessus
NVD
Published: 2000-04-11
Updated: 2018-05-03

Summary

The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields.

Vulnerable Configurations

Part Description Count
Application
Craig_Dansie
1

Nessus

NASL familyBackdoors
NASL idDANSIE_CART.NASL
descriptionThe script /cart/cart.cgi is present. If this shopping cart system is the Dansie Shopping Cart, and if it is older than version 3.0.8 then it is very likely that it contains a backdoor that allows anyone to execute arbitrary commands on this system.
last seen2020-06-01
modified2020-06-02
plugin id10368
published2000-04-13
reporterThis script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/10368
titleDansie Shopping Cart Backdoor Detection

References