CVE-2005-0229
Published Apr 27, 2005
Last updated 7 years ago
Overview
- Description
- CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file under the web root, which allows remote attackers to steal credit card information via a direct request to newfile.txt.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrusdb:citrusdb_customer_database:0.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D783C42-422D-4D30-8964-1351DC475F74"
},
{
"criteria": "cpe:2.3:a:citrusdb:citrusdb_customer_database:0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC024508-ACFD-405E-A98F-D78334B86ACF"
},
{
"criteria": "cpe:2.3:a:citrusdb:citrusdb_customer_database:0.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECD1D644-40BC-4D8A-B378-EC5B63747B32"
},
{
"criteria": "cpe:2.3:a:citrusdb:citrusdb_customer_database:0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA66669C-6E8D-4352-B9C3-744CF3769E91"
},
{
"criteria": "cpe:2.3:a:citrusdb:citrusdb_customer_database:0.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E45EC24C-DCAF-4A0B-B663-EA3CE56EBB05"
},
{
"criteria": "cpe:2.3:a:citrusdb:citrusdb_customer_database:0.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C9232AB-6EBA-44CB-9037-4493A9BD6AA1"
}
],
"operator": "OR"
}
]
}
]