Dragonfly Commerce Security Vulnerabilities and Issues — Dragonfly Commerce CVE List

Lucene search

Incredible InteractiveDragonfly Commerce

2 matches found

CVE•added 2005/07/12 4:0 a.m.•49 views

CVE-2005-2220

Dragonfly Commerce allows remote attackers to change a product price by modifying the x_DragonflyCartProductPrice hidden field to (1) dc_Categorieslist.asp, (2) dc_Categoriesview.asp, (3) dc_productslist.asp, and (4) dc_productslist_Clearance.asp. NOTE: the vendor has disputed this issue, saying th...

5CVSS6.8AI score0.00448EPSS

CVE•added 2005/07/12 4:0 a.m.•39 views

CVE-2005-2221

Multiple SQL injection vulnerabilities in Dragonfly Commerce allows remote attackers to modify SQL statements and possibly execute arbitrary SQL commands via the (1) key parameter to dc_Categoriesview.asp, (2) dc_productslist_Clearance.asp, (3) PID parameter to ratings.asp, (4) dc_Productsview.asp,...

7.5CVSS8.9AI score0.00431EPSS