2 matches found
CVE-2005-1733
CVE-2005-1733 affects Cookie Cart: password file passwd.txt is stored under the web document root with insufficient access control, enabling remote retrieval of usernames and encrypted passwords via a direct request. CVSS v2 base score 5.0 (Medium). No exploitation details or fixes are provided i...
CVE-2005-1732
Cookie Cart is affected by CVE-2005-1732 where remote attackers can read the Order Notification list through the testmycgi and path parameters to testmy.cgi. The available sources confirm this access path but do not specify affected versions, patches, or exact root cause details beyond the parame...