Remote Code Execution in Element InstantShop via Price Modification
CVE-2000-1001 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
add_2_basket.asp in Element InstantShop allows remote attackers to modify price information via the "price" hidden form variable.
Learn more about our Web Application Penetration Testing UK.