Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0396


Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0396
Last Modified 10 Sep 2008 03:04:34
Published 24 May 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files.

Vulnerable Systems


  • Pacific Software Carello 1.2.1


BID - 1245

BUGTRAQ - 20000524 Alert: Carello File Creation flaw

Last Updated: 27 May 2016 10:35:42