#ibm

The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.

The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.

The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.

The WebSiteTool shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.

The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.

The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.

The mcsp Client Site Processor system (MultiCSP) in Standard and Poor's ComStock is installed with several accounts that have no passwords or easily guessable default passwords.

Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack.

Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.

Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file.