CVE-2006-5245

Eazy Cart allows remote attackers to bypass authentication and gain administrative access via a direct request for admin/home/index.php, and possibly other PHP scripts under admin/.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-11 08:07:00.000-04
Last Modified2018-10-17 05:41:53.000-04

Vulnerable Software List

VendorProductVersions
Eazy Cart Eazy Cart

References

SourceLink
SREASON1717
SECTRACK1017041
MISChttp://www.mayhemiclabs.com/advisories/MHL-2006-01.txt
MISChttp://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001
BUGTRAQ20061010 MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues
XFeazycart-admin-authentication-bypass(29419)