CitrusDB 0.1/0.2/0.3 Credit Card Data - Remote Information Disclosure
| EKU-ID: 30429 | CVE: CVE-2005-0229;OSVDB-13228 | OSVDB-ID: |
| Author: Maximillian Dornseif | Published: 2005-01-31 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 30429 | CVE: CVE-2005-0229;OSVDB-13228 | OSVDB-ID: |
| Author: Maximillian Dornseif | Published: 2005-01-31 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/12402/info A remote information disclosure issue affects CitrusDB. This issue is due to a design problem that grants unauthorized users the ability to export sensitive data. An attacker may leverage this issue to gain access to sensitive information including credit card data. [path to CitrusDB]/io/newfile.txt where [path to CitrusDB] is the path relative to the web root.