PT-2005-2574 · Codethat · Codethat Shoppingcart

Icaro

Published

2005-05-16

Updated

2008-09-05

CVE-2005-1595

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions CodeThat ShoppingCart version 1.3.1

Description The issue allows remote attackers to obtain sensitive information via a direct request, as the config.ini file is stored under the web root.

Recommendations For CodeThat ShoppingCart version 1.3.1, consider moving the config.ini file outside of the web root directory to prevent unauthorized access.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1595

Affected Products

Codethat Shoppingcart

PT-2005-2574 · Codethat · Codethat Shoppingcart

CVE-2005-1595

Related Identifiers

Affected Products

References · 6