Eazy Cart Multiple Input Validation and Authentication Bypass Vulnerabilities

Eazy Cart is prone to multiple input-validation and authentication-bypass vulnerabilities. The issues, which include data injection, cross-site scripting, and authentication bypass, arise because the application fails to properly sanitize user-supplied input or to control access to administrative functions.

A successful exploit of these vulnerabilities could allow an attacker to modify prices and other values when ordering products, steal cookie-based authentication credentials from legitimate users of the site, or even bypass authentication requirements. Other attacks are also possible.


 

Copyright 2010, SecurityFocus