Pacific Software Carello — known CVE vulnerabilities
Every CVE whose affected-product data names Pacific Software Carello, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2002-0683 — CVSS 7.5 (high): Directory traversal vulnerability in Carello 1.3 allows remote attackers to execute programs on the server via a .. (dot dot) in the VBEXE…
CVE-2000-0396 — CVSS 5.0 (medium): The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the…