Re: Shopping Carts exposing CC data

From: Bo Elkjaer (booat_private)
Date: Tue Apr 27 1999 - 05:39:47 PDT

Next message: Paul Leach: "MS security bugs"

Previous message: Simon Helson: "RE Possible DOS in WinNT RAS (PPTP)"
Maybe in reply to: Joe: "Shopping Carts exposing CC data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Been doing some more searches for misconfigured webcarts exposing cc-information.
Seems like a pandora's box, that just opened.

Perlshop is vulnerable too if misconfigured:

Version?
Platforms?
Executable file: perlshop.cgi
Exposed directory: /store/customers/, /store/temp_customers/
Exposed orderinfo: Several files, eight-digit numbered names.
Status: adverware. Only requirement is to display a "powered by perlshop"-logo on
page.


Bo Elkjaer, Denmark

Next message: Paul Leach: "MS security bugs"
Previous message: Simon Helson: "RE Possible DOS in WinNT RAS (PPTP)"
Maybe in reply to: Joe: "Shopping Carts exposing CC data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:44:00 PDT