CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-0821

The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for (1) orders.txt or (2) auth_user_file.txt.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.117

EPSS Ranking 93.4%

CVSS Severity

CVSS v2 Score 5.0

References

http://archives.neohapsis.com/archives/bugtraq/2001-06/0233.html
http://www.dcscripts.com/dcforum/dcshop/44.html
http://www.securityfocus.com/bid/2889
https://exchange.xforce.ibmcloud.com/vulnerabilities/6707
http://archives.neohapsis.com/archives/bugtraq/2001-06/0233.html
http://www.dcscripts.com/dcforum/dcshop/44.html
http://www.securityfocus.com/bid/2889
https://exchange.xforce.ibmcloud.com/vulnerabilities/6707

Products affected by CVE-2001-0821

Dcscripts » Dcshop » Version: 1.002_beta

cpe:2.3:a:dcscripts:dcshop:1.002_beta

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-0821

Products

Pricing

Contact Us