[10362] in bugtraq
Re: Shopping Carts exposing CC data
daemon@ATHENA.MIT.EDU (Bo Elkjaer)
Tue Apr 27 13:15:44 1999
Message-Id: <3725B012.15F477F0@datashopper.dk>
Date: Tue, 27 Apr 1999 14:39:47 +0200
Reply-To: Bo Elkjaer <boo@DATASHOPPER.DK>
From: Bo Elkjaer <boo@DATASHOPPER.DK>
To: BUGTRAQ@NETSPACE.ORG
Been doing some more searches for misconfigured webcarts exposing cc-information.
Seems like a Pandora's box that just opened.
Perlshop is vulnerable too if misconfigured:
Version?
Platforms?
Executable file: perlshop.cgi
Exposed directory: /store/customers/, /store/temp_customers/
Exposed orderinfo: Several files, eight-digit numbered names.
Status: adverware. Only requirement is to display a "powered by perlshop"-logo on page.
Bo Elkjaer, Denmark
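
For an operator auditing their own server, a local filesystem check for the layout reported above, given as an added example that is not part of the original post or of Perlshop. It assumes the reported URL paths map directly onto the web document root; the function names, the optional file extension and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile

# Directory names and the eight-digit file naming are taken from the report above.
ORDER_DIRS = ("store/customers", "store/temp_customers")
# Assumption: an order file may carry an extension after its eight digits.
ORDER_FILE = re.compile(r"^\d{8}(\.\w+)?$")


def find_exposed_order_files(docroot):
    """Return (relative_path, world_readable) for order files kept under docroot."""
    findings = []
    for rel in ORDER_DIRS:
        base = os.path.join(docroot, *rel.split("/"))
        if not os.path.isdir(base):
            continue
        for name in sorted(os.listdir(base)):
            path = os.path.join(base, name)
            if os.path.isfile(path) and ORDER_FILE.match(name):
                mode = os.stat(path).st_mode
                # Anything here is servable unless the web server denies the directory;
                # the "other" read bit shows whether the server user can likely read it.
                findings.append((os.path.relpath(path, docroot), bool(mode & 0o004)))
    return findings


def build_sample_docroot():
    """Constructed sample tree standing in for a docroot (no real data)."""
    root = tempfile.mkdtemp()
    layout = (("store/customers", ["19990427", "readme.txt"]),
              ("store/temp_customers", ["00000123"]))
    for rel, names in layout:
        directory = os.path.join(root, *rel.split("/"))
        os.makedirs(directory)
        for name in names:
            path = os.path.join(directory, name)
            with open(path, "w") as fh:
                fh.write("constructed placeholder\n")
            os.chmod(path, 0o644)
    return root


if __name__ == "__main__":
    for rel_path, readable in find_exposed_order_files(build_sample_docroot()):
        print(f"{rel_path}: inside docroot, world-readable={readable}")
```

Any hit means order data sits where the web server can serve it; moving those directories outside the document root, or denying them in the server configuration, removes the exposure.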