Zen-cart Database Backup Disclosure Vulnerability Network Vulnerability

Summary

The host is running Zen-cart and is prone to database backup disclosure vulnerability.

Impact

Successful exploitation will allow remote attackers to obtain sensitive database information by downloading the database backup. Impact Level: Application

Solution

No Solution is available as of 27th December, 2013.Information regarding this issue will be updated once the solution details are available. For more information refer to, http://www.zen-cart.com

Insight

The flaw is due to unspecified error that allows unauthenticated access to database backup

Affected

Zen-cart version 1.5.1 and probably prior

Detection

Send a crafted data via HTTP GET request and check whether it is vulnerable or not.

References

http://cxsecurity.com/issue/WLB-2013120167

Updated on 2017-03-28

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
AbanteCart Multiple Cross-Site Scripting Vulnerabilities
Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability
Apache Tomcat Multiple Vulnerabilities June-09
Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities