CVE-2006-5246

Eazy Cart allows remote attackers to change prices and other critical fields via unspecified vectors to easycart.php, probably including the price parameter. NOTE: some details are obtained from third party information.

Score5.0
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactNONE
Integrity ImpactPARTIAL
Availability ImpactNONE
Published2006-10-11 08:07:00.000-04
Last Modified2018-10-17 05:41:53.000-04

Vulnerable Software List

VendorProductVersions
Eazy Cart Eazy Cart

References

SourceLink
SREASON1717
SECTRACK1017041
MISChttp://www.mayhemiclabs.com/advisories/MHL-2006-01.txt
MISChttp://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001
BUGTRAQ20061010 MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues
XFeazycart-easycart-data-manipulation(29420)