PDGSoft Shopping Cart Exposed Orders Vulnerability
BID:2315
Info
PDGSoft Shopping Cart Exposed Orders Vulnerability
| Bugtraq ID: | 2315 |
| Class: | Configuration Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Apr 20 1999 12:00AM |
| Updated: | Apr 20 1999 12:00AM |
| Credit: | Posted to BugTraq April 20, 1999 by Joe < [email protected] > |
| Vulnerable: |
PDGSoft Shopping Cart 1.50 |
| Not Vulnerable: | |
Discussion
PDGSoft Shopping Cart Exposed Orders Vulnerability
PDGSoft's PDG Shopping Cart, when poorly installed, leaves customer order information (including credit card details and order history) in world readable plain text log files. These files can be retrieved by a remote attacker when they have been poorly secured in this manner.
PDGSoft's PDG Shopping Cart, when poorly installed, leaves customer order information (including credit card details and order history) in world readable plain text log files. These files can be retrieved by a remote attacker when they have been poorly secured in this manner.
Solution / Fix
PDGSoft Shopping Cart Exposed Orders Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
PDGSoft Shopping Cart Exposed Orders Vulnerability
References:
References: