Vulnerabilities > Craig Dansie > Dansie Shopping Cart > 3.0.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-04-14 | CVE-2000-0254 | Unspecified vulnerability in Craig Dansie Shopping Cart 3.0.4 The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables. | 5.0 |
| 2000-04-11 | CVE-2000-0253 | Unspecified vulnerability in Craig Dansie Shopping Cart 3.0.4 The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. | 10.0 |
| 2000-04-11 | CVE-2000-0252 | Unspecified vulnerability in Craig Dansie Shopping Cart 3.0.4 The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form variable. | 5.0 |