virus logo Intrusion Prevention

DCShop.Orders.txt

description-logoDescription

It indicates a potentially malicious attempt to access orders.txt file in DC Scripts DCShop.


DCShop is a GCI-based e-commerce system from DC Scripts. There exists a vulnerability in DCShop 1.002 beta that allows remote attackers to read sensitive data via an HTTP GET request for orders.txt.


affected-products-logoAffected Products

Any unprotected system running DCShop 1.002 beta is vulnerable.

Impact logoImpact

Attackers can obtain files containing confidential order data, including credit card number and other privacy information.

recomended-action-logoRecommended Actions

Apply appropriate patches or Upgrade the system to the latest non-vulnerable version.


Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 12639
Created Sep 11, 2006
Updated Apr 23, 2014
CVE ID
Risk black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 11.73%
Default Action pass
Active
Affected OS Windows, Linux
Affected App CGI_app
Profile Type Information Disclosure