Lucene search
MitreCVE-2000-0925HistoryJan 22, 2001 - 5:00 a.m.
CVE-2000-0925
2001-01-2205:00:00
mitre
web.nvd.nist.gov
33
cve-2000-0925
smartwin cyberoffice
shopping cart 2
_private directory
world readable permissions
remote attackers
sensitive information
nvd.
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.009
Percentile
82.3%
The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _private directory with world readable permissions, which allows remote attackers to obtain sensitive information.
Affected configurations
Node
smartwin_technologycyberoffice_shopping_cartMatch2.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| smartwin_technology | cyberoffice_shopping_cart | 2.0 | cpe:2.3:a:smartwin_technology:cyberoffice_shopping_cart:2.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2000-0925
2001-01-22 05:00:00
exploitdb
exploitdb
SmartWin CyberOffice Shopping Cart 2.0 - Client Information Disclosure
2000-10-02 00:00:00
nvd
nvd
CVE-2000-0925
2000-12-19 05:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.009
Percentile
82.3%
Related for CVE-2000-0925