Vendor: CyberOffice Shopping Cart
By: SecurityFocus
CVSS: 7.5 (HIGH)
Directory Traversal
CWE: 22
Product Name: CyberOffice Shopping Cart
Affected Version From: CyberOffice Shopping Cart 2.0
Affected Version To: CyberOffice Shopping Cart 2.0
Patch Exists: No
Related CWE: N/A
CPE: a:smartwin_technology:cyberoffice_shopping_cart
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows NT 4.0, Windows 2000
2001

Smartwin Technology CyberOffice Shopping Cart Directory Traversal Vulnerability

CyberOffice Shopping Cart 2.0 is vulnerable to a directory traversal attack, which allows an attacker to gain read access to the _private directory on a website running the application. The _private directory has world-readable permissions and contains a Microsoft Access database which stores confidential client details such as customer orders and unencrypted credit card information. An attacker need only request 'http://target/_private/shopping_cart.mdb' with a browser to access it.

Mitigation:

The permissions of the _private directory should be changed to prevent remote access.
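
Added example, not part of the original advisory: once the permissions are tightened, the web server logs show whether files under _private were already served and whether requests are now refused. It assumes IIS W3C extended logs with the fields shown; the log lines and function names are constructed for illustration.

```python
from urllib.parse import unquote

# Constructed sample in IIS W3C extended log format (not real traffic).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2001-01-10 09:14:02 192.0.2.10 GET /default.asp 200
2001-01-10 09:14:40 198.51.100.7 GET /_private/shopping_cart.mdb 200
2001-01-10 09:15:03 198.51.100.7 GET /_PRIVATE/Shopping_Cart.mdb 206
2001-01-11 11:02:19 203.0.113.5 GET /%5Fprivate/shopping_cart.mdb 403
2001-01-11 11:05:44 192.0.2.10 GET /private/help.htm 200
""".splitlines()

SERVED = {200, 206, 304}  # content delivered, or client already holds a copy


def find_private_hits(lines):
    """Return (timestamp, client, path, status, served) for /_private/ requests."""
    fields, hits = [], []
    for line in lines:
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # column layout can change mid-file
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        # Paths are case-insensitive on Windows; decode %xx so encoded forms match.
        path = unquote(row.get("cs-uri-stem", "")).replace("\\", "/").lower()
        if not path.startswith("/_private/"):
            continue
        raw = row.get("sc-status", "")
        status = int(raw) if raw.isdigit() else 0
        hits.append((f"{row.get('date')} {row.get('time')}", row.get("c-ip"),
                     path, status, status in SERVED))
    return hits


def exposed_clients(lines):
    """Client addresses that were actually served a file from /_private/."""
    return sorted({h[1] for h in find_private_hits(lines) if h[4]})


if __name__ == "__main__":
    for hit in find_private_hits(SAMPLE_LOG):
        print(hit)
    print("served to:", exposed_clients(SAMPLE_LOG))
```

Any row with `served` set to true before the fix means the customer database should be treated as disclosed; after the fix, every request under /_private/ should show a refusal status.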
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1734/info

Smartwin Technology CyberOffice Shopping Cart is a shopping cart application for e-commerce enabled websites running Windows NT 4.0 or 2000.

It is possible for a remote user to gain read access to the _private directory on a website running CyberOffice Shopping Cart 2.0. By default, the _private directory has world-readable permissions. The Microsoft Access database which contains confidential client details (such as customer orders and unencrypted credit card information) is stored in the _private directory and is thus accessible to attackers. An attacker need only request "http://target/_private/shopping_cart.mdb" with a browser to access it.

http://target/_private/shopping_cart.mdb