Aggregates CVE and security vulnerability intelligence across all dansie-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk cross-site scripting and vendor risk path handling, with potential vendor impact session compromise and vendor impact file overwrite across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-0292 | Cross-site scripting (XSS) vulnerability in photo_album.pl in Dansie Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | [email protected] | 4.3 | 0.84% | 2008-01-16 | 2026-06-16 |
| CVE-2008-0257 | Cross-site scripting (XSS) vulnerability in search.pl in Dansie Search Engine 2.7 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | [email protected] | 4.3 | 1.02% | 2008-01-15 | 2026-06-16 |
| CVE-2003-1517 | cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message. | [email protected] | 5.0 | 2.00% | 2003-12-31 | 2026-06-16 |
| CVE-2000-1243 | Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versions, sends sensitive information such as user credentials to an e-mail address controlled by the product developers. | [email protected] | 5.0 | 1.08% | 2000-12-31 | 2026-06-16 |