18 matches found
EUVD-2006-5230
Malware in sbrugna...
EUVD-2006-5232
Malware in sbrugna...
EUVD-2006-5231
Malware in sbrugna...
CVE-2006-5248
Eazy Cart stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a customer database via a direct request for admin/config/customer.dat. NOTE: the provenance of this information is unknown; the details are obtained from third...
CVE-2006-5248
Eazy Cart stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a customer database via a direct request for admin/config/customer.dat. NOTE: the provenance of this information is unknown; the details are obtained from third...
CVE-2006-5247
Multiple cross-site scripting XSS vulnerabilities in Eazy Cart allow remote attackers to inject arbitrary web script or HTML via easycart.php, possibly related to the 1 des and 2 qty parameters in an add action, and via other unspecified vectors. NOTE: some details are obtained from third party...
CVE-2006-5246
Eazy Cart allows remote attackers to change prices and other critical fields via unspecified vectors to easycart.php, probably including the price parameter. NOTE: some details are obtained from third party information...
CVE-2006-5245
Eazy Cart allows remote attackers to bypass authentication and gain administrative access via a direct request for admin/home/index.php, and possibly other PHP scripts under admin/...
CVE-2006-5246
Eazy Cart allows remote attackers to change prices and other critical fields via unspecified vectors to easycart.php, probably including the price parameter. NOTE: some details are obtained from third party information...
CVE-2006-5247
CVE-2006-5247 concerns multiple cross-site scripting (XSS) vulnerabilities in Eazy Cart. The affected component is the web application’s easycart.php, with possible vectors including the (1) des and (2) qty parameters in an add action and other unspecified vectors. The description and connected s...
CVE-2006-5247
Multiple cross-site scripting XSS vulnerabilities in Eazy Cart allow remote attackers to inject arbitrary web script or HTML via easycart.php, possibly related to the 1 des and 2 qty parameters in an add action, and via other unspecified vectors. NOTE: some details are obtained from third party...
CVE-2006-5246
The CVE-2006-5246 issue concerns Eazy Cart where remote attackers can modify prices and other critical fields via unspecified vectors to easycart.php, likely abusing an input-validation flaw that permits altering the price parameter. The core weakness is insufficient validation/authorization on p...
CVE-2006-5245
Eazy Cart allows remote attackers to bypass authentication and gain administrative access via a direct request for admin/home/index.php, and possibly other PHP scripts under admin/...
CVE-2006-5248
Eazy Cart stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a customer database via a direct request for admin/config/customer.dat. NOTE: the provenance of this information is unknown; the details are obtained from third...
CVE-2006-5248
CVE-2006-5248 affects Eazy Cart: sensitive customer data stored under the web root with insufficient access control, allowing remote retrieval of admin/config/customer.dat via direct request. Multiple sources (NVD, Red Hat, CVE List, CVE Details) describe the same issue. Root cause is improper ac...
CVE-2006-5245
Summary (CVE-2006-5245): Eazy Cart is affected by a authentication bypass vulnerability in the admin area. A remote attacker can gain administrative access by issuing a direct request to a file such as admin/home/index.php (and potentially other PHP scripts under the admin/ directory), bypassing ...
[Full-disclosure] MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MHL-2006-001 - Public Advisory +-----------------------------------------------------------+ | Eazy Cart Multiple Security Issues | +-----------------------------------------------------------+ PUBLISHED ON October 9th, 2006 PUBLISHED AT...
MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MHL-2006-001 - Public Advisory +-----------------------------------------------------------+ | Eazy Cart Multiple Security Issues | +-----------------------------------------------------------+ PUBLISHED ON October 9th, 2006 PUBLISHED AT...