2001-01-22 05:00:00
mitre
PUBLISHED
add_2_basket.asp in Element InstantShop allows remote attackers to modify price information via the "price" hidden form variable.