RSS   Podatności dla 'Dcshop'   RSS

2002-08-12
 
CVE-2002-0492

 
 
dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbitrary setup files via a null character in the database parameter.

 
2001-12-06
 
CVE-2001-0821

CWE-Other
 
 
The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for (1) orders.txt or (2) auth_user_file.txt.

 

 >>> Vendor: Dcscripts 5 Produkty
Dcforum
Dcforum 2000
Dcshop
Dcforum+
Dcforumlite

Copyright 2024, cxsecurity.com

 

Back to Top