AI Score
Confidence
Low
EPSS
Percentile
81.1%
The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for (1) orders.txt or (2) auth_user_file.txt.
archives.neohapsis.com/archives/bugtraq/2001-06/0233.html
www.dcscripts.com/dcforum/dcshop/44.html
www.securityfocus.com/bid/2889
exchange.xforce.ibmcloud.com/vulnerabilities/6707