Vulnerabilities > CVE-2001-0821 - Unspecified vulnerability in Dcscripts Dcshop 1.002Beta
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN dcscripts
exploit available
Summary
The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for (1) orders.txt or (2) auth_user_file.txt.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description DC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability (2). CVE-2001-0821. Remote exploit for cgi platform id EDB-ID:20939 last seen 2016-02-02 modified 2001-06-18 published 2001-06-18 reporter Peter Helms source https://www.exploit-db.com/download/20939/ title DC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability 2 description DC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability (1). CVE-2001-0821. Remote exploit for cgi platform id EDB-ID:20938 last seen 2016-02-02 modified 2001-06-18 published 2001-06-18 reporter Peter Helms source https://www.exploit-db.com/download/20938/ title DC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability 1
References
- http://archives.neohapsis.com/archives/bugtraq/2001-06/0233.html
- http://archives.neohapsis.com/archives/bugtraq/2001-06/0233.html
- http://www.dcscripts.com/dcforum/dcshop/44.html
- http://www.dcscripts.com/dcforum/dcshop/44.html
- http://www.securityfocus.com/bid/2889
- http://www.securityfocus.com/bid/2889
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6707
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6707