Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Commerce)  >   WebCart Vendors:   Mountain Network Systems
Mountain Network Systems WebCart Lets Remote Users Execute Arbitrary Commands on the Web Server
SecurityTracker Alert ID:  1002602
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Oct 20 2001
Impact:   Execution of arbitrary code via network, User access via network
Exploit Included:  Yes  
Version(s): v.8.4
Description:   A vulnerability was reported in Mountain Network Systems WebCart e-commerce system. A remote user can execute commands on the server.

It is reported that the script does not filter user-supplied input. A remote user can supply commands that will be executed by the server with the privileges of the web server.

A demonstration exploit URL is provided:


Impact:   A remote user can execute arbitrary commands with the privileges of the web server.
Solution:   No solution was available at the time of this entry.
Vendor URL: (Links to External Site)
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any), Windows (NT), Windows (2000)
Underlying OS Comments:  Software is Perl-based

Message History:   None.

 Source Message Contents

Subject:  Webcart v.8.4

Webcart v.8.4 by Mountain Network Systems, Inc., 
This script has vulnerability (does not filter input of the 
user) which allows to carry out commands from 


Everyone should have 


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, LLC