This page aggregates publicly disclosed CVE and security risk information related to craig_dansie, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2005-2217 | Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables. | [email protected] | 5.0 | 1.30% | 2005-07-12 | 2026-06-16 |
| CVE-2000-0254 | The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables. | [email protected] | 5.0 | 6.02% | 2000-04-14 | 2026-06-16 |
| CVE-2000-0253 | The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. | [email protected] | 10.0 | 2.54% | 2000-04-11 | 2026-06-16 |
| CVE-2000-0252 | The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form variable. | [email protected] | 5.0 | 2.21% | 2000-04-11 | 2026-06-16 |