EUVD-1999-1355

Malware in sbrugna...

Perl$hop E-Commerce Script - Trust Boundary Input Parameter Injection

A while back I was playing around with Perl$hop, which if you are not aware, is an e-commerce script developed by Waverider Systems. XSS Cross Site Scripting, Directory Traversal, Code Execution, and more! Wow, that sure is a lot of vulnerabilities for one product. It would seem as if the...

CVE-1999-1374

perlshop.cgi shopping cart program stores sensitive customer information in directories and files that are under the web root, which allows remote attackers to obtain that information via an HTTP request...

CVE-1999-1374

perlshop.cgi shopping cart program stores sensitive customer information in directories and files that are under the web root, which allows remote attackers to obtain that information via an HTTP request...

CVE-1999-1374

CVE-1999-1374 affects perlshop.cgi (PerlShop) Web shopping cart. A flaw in input validation allows remote attackers to inject commands via crafted input used in a mail-related operation (open MAIL) that invokes an external mail program, enabling remote command execution in the Web server process....