Vulnerabilities > CVE-2005-0229 - Unspecified vulnerability in Citrusdb Customer Database

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
citrusdb
exploit available

Summary

CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file under the web root, which allows remote attackers to steal credit card information via a direct request to newfile.txt.

Exploit-Db

descriptionCitrusDB 0.1/0.2/0.3 Credit Card Data Remote Information Disclosure Vulnerability. CVE-2005-0229. Remote exploits for multiple platform
idEDB-ID:25072
last seen2016-02-03
modified2005-01-31
published2005-01-31
reporterMaximillian Dornseif
sourcehttps://www.exploit-db.com/download/25072/
titleCitrusDB 0.1/0.2/0.3 Credit Card Data Remote Information Disclosure Vulnerability