CVE-2005-0229 Information
Feb 14, 2021
cve
Description
CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file under the web root which allows remote attackers to steal credit card information via a direct request to newfile.txt.
Reference
http://marc.info/?l=full-disclosure&m=110824766519417&w=2 http://securitytracker.com/id?1013040 http://www.citrusdb.org/forums/viewtopic.php?t=49 http://www.redteam-pentesting.de/advisories/rt-sa-2005-001.txt http://www.securityfocus.com/bid/12402 https://exchange.xforce.ibmcloud.com/vulnerabilities/19145
Share on: