Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtCraCkEr1337DAY-ID-39623
HistoryMay 28, 2024 - 12:00 a.m.

FleetCart 4.1.1 Information Disclosure Vulnerability

2024-05-2800:00:00
CraCkEr
0day.today
75
information disclosure
fleetcart 4.1.1
sensitive data leakage
razorpay
cwe-200
cwe-284
cwe-266
cve-2024-5230
capec-19
capec-116
att&ck: t1592
envaysoft
webpage content

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

6.9 Medium

CVSS4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/SC:N/VI:N/SI:N/VA:N/SA:N

7.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.6%

JSON
# Exploit Title: FleetCart 4.1.1 - WebPage Content Information Disclosure
# Exploit Author: CraCkEr
# Vendor: EnvaySoft
# Vendor Homepage: https://codecanyon.net/item/fleetcart-laravel-ecommerce-system/23014826
# Software Demo Link: https://demo.fleetcart.envaysoft.com/en
# Tested on: Windows 11 Pro 22H2
# Impact: Sensitive Information Leakage
# CWE: CWE-200 - CWE-284 - CWE-266
# CVE: CVE-2024-5230
# CAPEC: CAPEC-19 / CAPEC-116
# ATT&CK: T1592


## Description

Issues with information disclosure in redirect responses. Accessing the majority of the website's pages exposes sensitive data, including the "Razorpay" "razorpayKeyId".


## Steps to Reproduce:

When you view the majority of the pages on the website, such as

https://demo.fleetcart.envaysoft.com/en/login
https://demo.fleetcart.envaysoft.com/en/categories/smartphones/products
https://demo.fleetcart.envaysoft.com/en/products?query=123


There is information leaking in the body page response.

+---------------------+
razorpayKeyId: 'rzp_test_oACp03vDsqdixc',
+---------------------+


Note: the same leaked "razorpayKeyId" is added to "Razorpay" in the Administration Panel.

on this Path:

https://demo.fleetcart.envaysoft.com/en/admin/settings?tab=razorpay (Login as Administrator)

[-] Done

Related

nvd 1
nuclei 1
vulnrichment 1
cvelist 1
cve 1
packetstorm 1
nvd
nvd
CVE-2024-5230
2024-05-23 02:15:09
nuclei
nuclei
FleetCart 4.1.1 - Information Disclosure
2024-05-24 15:12:07
vulnrichment
vulnrichment
CVE-2024-5230 EnvaySoft FleetCart information disclosure
2024-05-23 02:00:04
cvelist
cvelist
CVE-2024-5230 EnvaySoft FleetCart information disclosure
2024-05-23 02:00:04
cve
cve
CVE-2024-5230
2024-05-23 02:15:09
packetstorm
packetstorm
FleetCart 4.1.1 Information Disclosure
2024-05-23 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

6.9 Medium

CVSS4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/SC:N/VI:N/SI:N/VA:N/SA:N

7.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.6%

JSON
Related for 1337DAY-ID-39623
nvd1nuclei1vulnrichment1cvelist1cve1packetstorm1