CVE

Id
18927  
CVE No.
CVE-2006-2823  
Status
Candidate  
Description
Katrien De Graeve a.shopKart 2.0 (aka ashopKart20) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) admin/scart.mdb and possibly (2) admin/scart97.mdb.  
Phase
Assigned (20060605)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
167336 18927 CVE-2006-2823 BUGTRAQ:20060602 new bug  View
167337 18927 CVE-2006-2823 URL:http://www.securityfocus.com/archive/1/archive/1/435746/100/0/threaded  View
167338 18927 CVE-2006-2823 VUPEN:ADV-2006-2208  View
167339 18927 CVE-2006-2823 URL:http://www.vupen.com/english/advisories/2006/2208  View
167340 18927 CVE-2006-2823 OSVDB:26237  View
167341 18927 CVE-2006-2823 URL:http://www.osvdb.org/26237  View
167342 18927 CVE-2006-2823 SECTRACK:1009549  View
167343 18927 CVE-2006-2823 URL:http://securitytracker.com/id?1009549  View
167344 18927 CVE-2006-2823 SECUNIA:20485  View
167345 18927 CVE-2006-2823 URL:http://secunia.com/advisories/20485  View
167346 18927 CVE-2006-2823 SREASON:1025  View
167347 18927 CVE-2006-2823 URL:http://securityreason.com/securityalert/1025  View
167348 18927 CVE-2006-2823 XF:ashopkart-database-file-access(15599)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
61752 JVNDB-2006-004018 cPanel における open_basedir 制限を回避される脆弱性 cPanel には、open_basedir 制限を回避される、および他の仮想ホストへアクセスされる脆弱性が存在します。 CVE-2006-2825 18927 5.1 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-004018.html  View