Eazy Cart allows remote attackers to change prices and other critical fields via unspecified vectors to easycart.php, probably including the price parameter. NOTE: some details are obtained from third party information.
https://exchange.xforce.ibmcloud.com/vulnerabilities/29420
http://www.securityfocus.com/archive/1/448094/100/0/threaded
http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001
http://www.mayhemiclabs.com/advisories/MHL-2006-01.txt
http://securitytracker.com/id?1017041