Family: CGI abuses --> Category: infos
Comersus Cart Customer Database Disclosure Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for customer database vulnerability in Comersus Cart
Detailed Explanation for this Vulnerability Test
The remote web server contains an ASP application that is prone to an
information disclosure vulnerability.
The remote host appears to be running Comersus Cart, an ASP shopping
The version of Comersus Cart installed on the remote host fails to
restrict access to its customer database, which contains order
information, passwords, credit card numbers, etc. Further, the data
in all likelihood can be decrypted trivially since the application
reportedly uses the same default password for each version of the
application to encrypt and decrypt data.
See also :
Unknown at this time.
Medium / CVSS Base Score : 4
Click HERE for more information and discussions on this network vulnerability scan.