DC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/2889/exploit DCShop is a GCI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential order data,...

DC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/2889/exploit DCShop is a GCI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential order data,...

DCShop Beta 1.0 Form Manipulation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4356/info DCShop Beta is a freely available shopping cart system, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. It is possible to overwrite setup files .setu...

DCShop exposes sensitive files

We detected a vulnerable version of the DCShop CGI. This version does not properly protect user and credit card information. It is possible to access files that contain administrative passwords, current and pending transactions and credit card information along with name, address, etc...

CVE-2002-0492

dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbitrary setup files via a null character in the database parameter...

CVE-2002-0492

dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbitrary setup files via a null character in the database parameter...

CVE-2002-0492

DCShop 1.002 Beta is affected by CVE-2002-0492. The vulnerability lies in dcshop.cgi, allowing remote attackers to delete arbitrary setup files via a null character in the database parameter. Practical impact described in sources is the unauthorized deletion of setup files; no further exploit det...

DCShop Beta 1.0 - Form Manipulation

source: https://www.securityfocus.com/bid/4356/info DCShop Beta is a freely available shopping cart system, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. It is possible to overwrite setup files .setup by submitting attacker-supplied...

CVE-2001-0821

The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for 1 orders.txt or 2 authuserfile.txt...

EUVD-2001-0805

The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for 1 orders.txt or 2 authuserfile.txt...

CVE-2001-0821

The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for 1 orders.txt or 2 authuserfile.txt...

CVE-2001-0821

DCShop 1.002 beta default configuration exposes sensitive files in the cgi-bin directory (orders.txt, auth_user_file.txt), allowing remote reads via HTTP GET. Connected OpenVAS entry corroborates a vulnerable DCShop CGI release and suggests access to admin passwords, current/pending transactions,...

Досутуп к файлам в DCShop (weak permissons)

Файлы содержащие критическую информацию доступны через Web...

DC Scripts DCShop Beta 1.0 02 - File Disclosure (1)

DC Scripts DCShop Beta 1.0 02 - File Disclosure 1 source: https://www.securityfocus.com/bid/2889/info DCShop is a GCI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential ord...

DC Scripts DCShop Beta 1.0 02 - File Disclosure (1)

source: https://www.securityfocus.com/bid/2889/info DCShop is a GCI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential order data, including credit card and other private...