CVE-2000-0254

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Apr 14, 2000

Updated: Nov 20, 2024

Summary

CVE-2000-0254 is a vulnerability affecting the dansie shopping cart application's cart.pl file. An attacker can exploit this weakness by accessing specific URLs that reference the env, db, or vars form variables. As a result, they can gain unauthorized access to the shopping cart database and configuration information remotely. This issue poses a significant risk to the confidentiality and integrity of data stored in the affected system. It is recommended that users immediately apply the available patch to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlZyF
https://www.cve.org/CVERecord?id=CVE-2000-0254
https://nvd.nist.gov/vuln/detail/CVE-2000-0254

Back to Vulnerability Database

CVE-2000-0254

CVSS 2.0 Score 5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations