Описание
CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file under the web root, which allows remote attackers to steal credit card information via a direct request to newfile.txt.
CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file under the web root, which allows remote attackers to steal credit card information via a direct request to newfile.txt.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-0229
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19145
- http://marc.info/?l=full-disclosure&m=110824766519417&w=2
- http://securitytracker.com/id?1013040
- http://www.citrusdb.org/forums/viewtopic.php?t=49
- http://www.redteam-pentesting.de/advisories/rt-sa-2005-001.txt
- http://www.securityfocus.com/bid/12402
EPSS
Процентиль: 93%
0.09876
Низкий
CVE ID
Связанные уязвимости
nvd
почти 21 год назад
CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file under the web root, which allows remote attackers to steal credit card information via a direct request to newfile.txt.
EPSS
Процентиль: 93%
0.09876
Низкий