Vulnerabilities > CVE-2006-2814 - Buffer Overflow vulnerability in IShopCart
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple buffer overflows in the (1) vGetPost and (2) main functions in easy-scart.c through easy-scart6.c in iShopCart allow remote attackers to execute arbitrary code by sending a large amount of data containing "Submit" in an sslinvoice action, and allow remote attackers to have an unknown impact via a large amount of posted data.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | iShopCart vGetPost() Remote Buffer Overflow Exploit (cgi). CVE-2006-2814. Webapps exploit for cgi platform |
| id | EDB-ID:1862 |
| last seen | 2016-01-31 |
| modified | 2006-06-02 |
| published | 2006-06-02 |
| reporter | K-sPecial |
| source | https://www.exploit-db.com/download/1862/ |
| title | iShopCart vGetPost Remote Buffer Overflow Exploit cgi |