Summary
The host is running Zen-cart and is prone to database backup disclosure vulnerability.
Impact
Successful exploitation will allow remote attackers to obtain sensitive database information by downloading the database backup.
Impact Level: Application
Solution
No Solution is available as of 27th December, 2013.Information regarding this issue will be updated once the solution details are available. For more information refer to, http://www.zen-cart.com
Insight
The flaw is due to unspecified error that allows unauthenticated access to database backup
Affected
Zen-cart version 1.5.1 and probably prior
Detection
Send a crafted data via HTTP GET request and check whether it is vulnerable or not.
References
Updated on 2017-03-28
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
- AbanteCart Multiple Cross-Site Scripting Vulnerabilities
- Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability
- Apache Tomcat Multiple Vulnerabilities June-09
- Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability