12 matches found
EUVD-2001-0967
Malware in sbrugna...
hassan consulting shopping cart 1.18 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1777/info The $page variable in Hassan Consulting Shopping Cart does not properly check for insecure relative paths such as the double dot ... Therefore, requesting the following URL will display the specified file:...
CVE-2001-0985
shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote attackers to execute arbitrary commands via shell metacharacters in the "page" parameter...
CVE-2001-0985
Affected product: Hassan Consulting Shopping Cart 1.23. Vulnerability: arbitrary command execution via shell metacharacters in the URL parameter “page” leading to remote code execution. Root cause is unsafely handling the page parameter in shop.pl, allowing user-supplied input to be interpreted b...
CVE-2001-0985
shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote attackers to execute arbitrary commands via shell metacharacters in the "page" parameter...
Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution
Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/3308/info Hassan Consulting's Shopping Cart is commercial web store software. Shopping Cart does not filter certain types of user-supplied input from web requests. This makes it possible f...
Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/3308/info Hassan Consulting's Shopping Cart is commercial web store software. Shopping Cart does not filter certain types of user-supplied input from web requests. This makes it possible for a malicious user to submit a request which causes arbitrary...
CVE-2000-0921
CVE-2000-0921 describes a directory traversal in Hassan Consulting’s shop.cgi shopping cart, allowing remote attackers to read arbitrary files by using a .. payload in the page parameter. The issue is due to improper handling of relative paths, enabling access to sensitive files and potentially e...
CVE-2000-0921
Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. dot dot attack on the page parameter...
Security Advisory: Hassan Consulting's shop.cgi Directory Traversal Vulnerability.
October 7, 2000 Security Advisory shop.cgi.ad-1.00-10 : Hassan Consulting's Shopping Cart shop.cgi Directory Traversal Vulnerability Affected Product: Hassan Consulting's Shopping Cart shop.cgi/shop.pl Version 1.18 possibly others aswell Affected Platforms: Unix Windows Overview: Hassan...
Hassan Consulting Shopping Cart 1.18 - Directory Traversal
Hassan Consulting Shopping Cart 1.18 - Directory Traversal source: https://www.securityfocus.com/bid/1777/info The $page variable in Hassan Consulting Shopping Cart does not properly check for insecure relative paths such as the double dot "..". Therefore, requesting the following URL will displa...
Hassan Consulting Shopping Cart 1.18 - Directory Traversal
source: https://www.securityfocus.com/bid/1777/info The $page variable in Hassan Consulting Shopping Cart does not properly check for insecure relative paths such as the double dot "..". Therefore, requesting the following URL will display the specified file:...