CVE-2004-2221

Mercantec SoftCart 4.00b - RCE

Title source: llm

Description

Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16926
exploitdb WORKING POC VERIFIED
by skape · rubyremotecgi
https://www.exploit-db.com/exploits/10037
metasploit WORKING POC GREAT
by skape, trew · rubypocbsdi
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/bsdi/softcart/mercantec_softcart.rb

References (4)

Scores

EPSS 0.7742
EPSS Percentile 99.0%

Details

Status published
Products (1)
mercantec/softcart 4.00b
Published Dec 31, 2004
Tracked Since Feb 18, 2026