Bugtraq mailing list archives
Re: Shopping Carts exposing CC data
From: hevnsnt () BIGFOOT COM (hevnsnt)
Date: Fri, 23 Apr 1999 22:57:45 -0500
Sorry If already known, 1st post.. Even worse than this, check the Admin directory.. ugh. Seems as though you can configure the system without any type of password or authentication. *sigh* x2 -hevn ----- Original Message ----- From: Joe <joe () GONZO BLARG NET> To: <BUGTRAQ () netspace org> Sent: Friday, April 23, 1999 7:15 PM Subject: Re: Shopping Carts exposing CC data
On Fri, 23 Apr 1999, Bo Elkjaer wrote:This is my first post to Bugtraq so please bear with me for any errs
and/or
misconducts. I'd just like to point out, that Webcart is vulnerable too. Here goes: Mountain Network Systems Inc. http://www.mountain-net.com Platform: ? Exposed Directories: /config, /orders (and others. They're all listed in config-file) Exposed Order Info: orders.txt Exposed Config Info: mountain.cfg Number of exposed installs: 18+ at a quick glance. Probably more. PGP Option Available?: Unknown Status: Commercial, ranging from $399 to $4650. Bo Elkjaer, DenmarkConfirmed it, sent a heads-up to mountain-net. Worse, look for "import.txt" and "checks.txt" Import.txt includes every order ever made on the site in a tab-delimited format. *sigh* -- Joe H. Technical Support General Support: support () blarg net Blarg! Online Services, Inc. Voice: 425/401-9821 or 888/66-BLARG http://www.blarg.net
Current thread:
- javascript hotmail password trap, (continued)
- javascript hotmail password trap David L. Nicol (Apr 23)
- Re: Shopping Carts exposing CC data Joe (Apr 23)
- Discus advisory. Elaich Of Hhp (Apr 23)
- Re: Discus advisory. Ian R. Justman (Apr 28)
- Re: Discus advisory. Elaich Of Hhp (Apr 29)
- X-based sniffer-netxmon Zhang Qianli (Apr 29)
- Re: X-based sniffer-netxmon route () RESENTMENT INFONEXUS COM (Apr 29)
- Re: X-based sniffer-netxmon Zhang Qianli (Apr 29)
- Buffer overflow in ftpd and locate bug Sergey V. Kolychev (Apr 30)
- Re: X-based sniffer-netxmon Corey Lindsly (Apr 29)
- Re: Discus advisory. Ian R. Justman (Apr 28)
- Re: Shopping Carts exposing CC data hevnsnt (Apr 23)
- Re: Shopping Carts exposing CC data Bo Elkjaer (Apr 25)
- Re: Shopping Carts exposing CC data Bo Elkjaer (Apr 27)