Been doing some more searches for misconfigured webcarts exposing cc-information. Seems like a pandora's box, that just opened. Perlshop is vulnerable too if misconfigured: Version? Platforms? Executable file: perlshop.cgi Exposed directory: /store/customers/, /store/temp_customers/ Exposed orderinfo: Several files, eight-digit numbered names. Status: adverware. Only requirement is to display a "powered by perlshop"-logo on page. Bo Elkjaer, Denmark
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:44:00 PDT