Vulnerabilities > CVE-2000-0925 - Unspecified vulnerability in Smartwin Technology Cyberoffice Shopping Cart 2.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

smartwin-technology

exploit available

NVD

Published: 2000-12-19

Updated: 2017-10-10

Summary

The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _private directory with world readable permissions, which allows remote attackers to obtain sensitive information.

Vulnerable Configurations

Part	Description	Count
Application	Smartwin_Technology Smartwin Technology Cyberoffice Shopping Cart 2.0	1

Exploit-Db

description	SmartWin CyberOffice Shopping Cart 2.0 Client Information Disclosure Vulnerability. CVE-2000-0925. Remote exploit for windows platform
id	EDB-ID:20248
last seen	2016-02-02
modified	2000-10-02
published	2000-10-02
reporter	DCIST
source	https://www.exploit-db.com/download/20248/
title	SmartWin CyberOffice Shopping Cart 2.0 Client Information Disclosure Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References