Vulnerabilities > CVE-2001-0821 - Unspecified vulnerability in Dcscripts Dcshop 1.002Beta

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
dcscripts
exploit available
NVD
Published: 2001-12-06
Updated: 2017-12-19

Summary

The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for (1) orders.txt or (2) auth_user_file.txt.

Vulnerable Configurations

Part Description Count
Application
Dcscripts
1

Exploit-Db

  • descriptionDC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability (2). CVE-2001-0821. Remote exploit for cgi platform
    idEDB-ID:20939
    last seen2016-02-02
    modified2001-06-18
    published2001-06-18
    reporterPeter Helms
    sourcehttps://www.exploit-db.com/download/20939/
    titleDC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability 2
  • descriptionDC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability (1). CVE-2001-0821. Remote exploit for cgi platform
    idEDB-ID:20938
    last seen2016-02-02
    modified2001-06-18
    published2001-06-18
    reporterPeter Helms
    sourcehttps://www.exploit-db.com/download/20938/
    titleDC Scripts DCShop Beta 1.0 02 File Disclosure Vulnerability 1

References