DC Scripts DCShop Beta 1.0 02 - File Disclosure (1)

source: https://www.securityfocus.com/bid/2889/info

DCShop is a GCI-based ecommerce system from DCScripts.

Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential order data, including credit card and other private customer information, as well as the DCShop admnistrator login ID and password. 

http://theTargetHost/cgi-bin/DCShop/Orders/orders.txt