22 matches found
CVE-1999-0610
An incorrect configuration of the Webcart CGI program could disclose private information...
EUVD-2001-1479
Malware in sbrugna...
EUVD-1999-0593
Malware in sbrugna...
EUVD-2007-4284
Malware in sbrugna...
Mountain Network Systems WebCart 8.4 Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3453/info Mountain Network Systems WebCart is a cgi based online shopping suite. An error in the webcart.cgi script allows a remote user to pass an arbitrary shell command which will be executed by the script. WebCart...
WebCart cross-site scripting vulnerability
Overview WebCart, provided by CGI's, contains a cross-site scripting vulnerability. WebCart provided by CGI's is shopping cart software. WebCart's management interface contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the management interface in WebCart 2.20 through 2.25 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2007-4301
Multiple cross-site scripting XSS vulnerabilities in the management interface in WebCart 2.20 through 2.25 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2007-4301
The CVE-2007-4301 entry relates to multiple cross-site scripting (XSS) flaws in the WebCart management interface (versions 2.20–2.25). The authenticated vector is unspecified, but exploitation could allow an attacker to execute arbitrary script in the user’s browser within WebCart’s management UI...
CVE-2007-4301
Multiple cross-site scripting XSS vulnerabilities in the management interface in WebCart 2.20 through 2.25 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
JVN#66303599 WebCart cross-site scripting vulnerability
WebCart provided by CGI's is shopping cart software. WebCart's management interface contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version provided by the vendor. For more...
CVE-2001-1502
The OpenVAS entries confirm CVE-2001-1502 affects Mountain Network Systems WebCart 8.4, where the webcart.cgi CGI script does not properly filter user input and allows remote command execution via shell metacharacters in the NEXTPAGE parameter. Impact is arbitrary command execution on the affecte...
WebCart.pl
WebCart exploit Spawn bash style Shell with webserver uid Spabam 2003 PRIV8 code hackarena irc.brasnet.org This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my @results; my $probe; my @U; my $shit; $U1 =...
Webcart v.8.4
Webcart v.8.4 by Mountain Network Systems, Inc., This script has vulnerability does not filter input of the user which allows to carry out commands from WebServer. EXPLOIT: http://www.server.com/cgi-bin/webcart/webcart.cgi? CONFIG=mountain&CHANGE=YES&NEXTPAGE=;ls|&CODE=PHOLD...
Mountain Network Systems WebCart 8.4 - Command Execution
Mountain Network Systems WebCart 8.4 - Command Execution source: https://www.securityfocus.com/bid/3453/info Mountain Network Systems WebCart is a cgi based online shopping suite. An error in the webcart.cgi script allows a remote user to pass an arbitrary shell command which will be executed by...
Mountain Network Systems WebCart 8.4 - Command Execution
source: https://www.securityfocus.com/bid/3453/info Mountain Network Systems WebCart is a cgi based online shopping suite. An error in the webcart.cgi script allows a remote user to pass an arbitrary shell command which will be executed by the script. WebCart exploit Spawn bash style Shell with...
CVE-1999-0610
An incorrect configuration of the Webcart CGI program could disclose private information...
CVE-1999-0610
CVE-1999-0610 concerns a misconfiguration in the Webcart CGI program that can disclose private information. Affected component: Webcart CGI; root cause: incorrect configuration. Exposed locations include world-readable files/directories under /webcart and /webcart-lite (e.g., orders/, carts/, con...
Webcart Default Install Configuration Disclosure
At least one of these file or directories is world readable : /webcart/orders/ /webcart/orders/import.txt /webcart/carts/ /webcart/config/ /webcart/config/clients.txt /webcart-lite/orders/import.txt /webcart-lite/config/clients.txt This misconfiguration may allow an attacker to gather the credit...
perlshop.cc.txt
Date: Tue, 27 Apr 1999 14:39:47 +0200 From: Bo Elkjaer To: [email protected] Subject: Re: Shopping Carts exposing CC data Been doing some more searches for misconfigured webcarts exposing cc-information. Seems like a pandora's box, that just opened. Perlshop is vulnerable too if misconfigured:...