CVE-2000-0396
Published May 24, 2000
Last updated 16 years ago
Overview
- Description
- The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pacific_software:carello:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "888076E8-B384-467E-9F6E-5FA517DAA4D9"
}
],
"operator": "OR"
}
]
}
]