CVE-2000-0253

The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields.

Publication date: Tue, 11 Apr 2000 09:00:00 +0000

Cyber News related to CVE-2000-0253

CVE-2011-2810 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-0253. Reason: This candidate is a reservation duplicate of CVE-2011-0253. Notes: All CVE users should reference CVE-2011-0253 instead of this candidate. All references and ...
54 years ago Tenable.com

CVE-2001-0253 - Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. (dot dot) attack in the show parameter. ...
6 years ago

CVE-2000-0253 - The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. ...
6 years ago

CVE-2000-0744 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0743. Reason: This candidate is a duplicate of CVE-2000-0743. Notes: All CVE users should reference CVE-2000-0743 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com

CVE-2008-5416 - Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 ...
6 years ago

CVE-2008-0086 - Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. ...
6 years ago

CVE-2008-0107 - Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 ...
5 years ago

CVE-2008-0085 - SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize ...
5 years ago

CVE-2021-47460 - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 ...
5 months ago Tenable.com

CVE-2024-49883 - In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4_ext_insert_extent() As Ojaswin mentioned in Link, in ext4_ext_insert_extent(), if the path is reallocated in ext4_ext_create_new_leaf(), we'll use ...
4 weeks ago Tenable.com

CVE-2022-0253 - livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') ...
2 years ago

CVE-2007-0253 - ** DISPUTED ** Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity ...
16 years ago

CVE-2011-0253 - WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in ...
13 years ago

CVE-2002-0253 - PHP, when not configured with the "display_errors Off" setting in php.ini, allows remote attackers to obtain the physical path for an include file via a trailing slash in a request to a directly accessible PHP program, which modifies the ...
8 years ago

CVE-2005-0253 - Directory traversal vulnerability in index.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to delete arbitrary files via a Delete action and .. (dot dot) sequences in the database_name parameter. ...
9 months ago

CVE-2004-0253 - IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to execute arbitrary programs or cause a denial of service via certain SQL code, possibly due to a SQL injection vulnerability. ...
7 years ago

CVE-2012-0253 - Multiple cross-site scripting (XSS) vulnerabilities in Demand Media Pluck SiteLife before 5.0.13 allow remote attackers to inject arbitrary web script or HTML via (1) the jsonRequest parameter to Direct/Process, the (2) r or (3) cb parameter to ...
7 years ago

CVE-2009-0253 - Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" ...
7 years ago

CVE-2016-0253 - Cross-site scripting (XSS) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x ...
6 years ago

CVE-2014-0253 - Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote attackers to cause a denial of service (ASP.NET daemon hang) via crafted HTTP requests that trigger ...
6 years ago

CVE-2008-0253 - SQL injection vulnerability in full_text.php in Binn SBuilder allows remote attackers to execute arbitrary SQL commands via the nid parameter. ...
6 years ago

CVE-2006-0253 - Buffer overflow in the Bluetooth OBEX Object Push service in "Blue Neighbors.EXE" in AmbiCom Blue Neighbors 2.50 Build 2500 and earlier allows remote attackers to execute arbitrary code via a long file name, as demonstrated via a long RFILE ...
6 years ago

CVE-2013-0253 - The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack. ...
5 years ago

CVE-2018-0253 - A vulnerability in the ACS Report component of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system. Commands executed by the attacker are processed at the ...
5 years ago

CVE-2021-0253 - NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. This issue affects Juniper ...
2 years ago

Latest Cyber News

CVE-2024-52739 - 23 hours ago
CVE-2018-9483 - 23 hours ago
CVE-2018-9485 - 23 hours ago
CVE-2018-9487 - 23 hours ago
CVE-2018-9470 - 23 hours ago
CVE-2018-9472 - 23 hours ago
CVE-2018-9477 - 23 hours ago
CVE-2024-11492 - 1 day ago
CVE-2024-52770 - 1 day ago
CVE-2024-52796 - 1 day ago
CVE-2024-52769 - 1 day ago
CVE-2024-51162 - 1 day ago
CVE-2024-52725 - 1 day ago
CVE-2024-11491 - 1 day ago
CVE-2024-11490 - 1 day ago
CVE-2024-11488 - 1 day ago
CVE-2024-11486 - 1 day ago
CVE-2024-11487 - 1 day ago
CVE-2024-11485 - 1 day ago
CVE-2024-52471 - 1 day ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-52282 - 2 days ago
CVE-2024-11278 - 1 day ago
CVE-2024-9653 - 1 day ago
CVE-2024-10515 - 1 day ago
CVE-2024-52614 - 1 day ago
CVE-2024-9239 - 1 day ago
CVE-2024-10855 - 1 day ago
CVE-2024-10899 - 1 day ago
CVE-2024-10900 - 1 day ago
CVE-2024-11277 - 1 day ago
CVE-2024-48895 - 1 day ago
CVE-2024-47865 - 1 day ago
CVE-2024-52033 - 1 day ago
CVE-2024-11176 - 1 day ago
CVE-2024-10126 - 1 day ago
CVE-2024-10127 - 1 day ago
CVE-2024-11179 - 1 day ago
CVE-2024-11494 - 1 day ago
CVE-2024-10665 - 1 day ago
CVE-2024-10891 - 1 day ago