Lucene search

[email protected]CVE-2000-0396

HistoryMay 24, 2000 - 4:00 a.m.

CVE-2000-0396

2000-05-2404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-0396

carello

shopping cart software

remote attack

source code

asp files

7.6 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.016 Low

EPSS

Percentile

87.4%

JSON

The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files.

CPENameOperatorVersion
pacific_software:carellopacific software carelloeq1.2.1

CPE	Name	Operator	Version
pacific_software:carello	pacific software carello	eq	1.2.1

References

archives.neohapsis.com/archives/bugtraq/2000-05/0285.html

www.securityfocus.com/bid/1245

7.6 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.016 Low

EPSS

Percentile

87.4%

JSON