Eazy Cart allows remote attackers to change prices and other critical fields via unspecified vectors to easycart.php, probably including the price parameter. NOTE: some details are obtained from third party information.Referenceshttp://securityreason.com/securityalert/1717http://www.securityfocus.com/archive/1/448094/100/0/threadedhttp://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001http://securitytracker.com/id?1017041http://secunia.com/advisories/22286http://www.mayhemiclabs.com/advisories/MHL-2006-01.txthttps://exchange.xforce.ibmcloud.com/vulnerabilities/29420
