Submit #333519: EnvaySoft FleetCart 4.1.1 Information Disclosureinfo

TitleEnvaySoft FleetCart 4.1.1 Information Disclosure
Description# Exploit Title: FleetCart 4.1.1 - WebPage Content Information Disclosure # Exploit Author: skalvin # Date: 13/05/2024 # Vendor: EnvaySoft # Vendor Homepage: https://codecanyon.net/item/fleetcart-laravel-ecommerce-system/23014826 # Software Demo Link: https://demo.fleetcart.envaysoft.com/en # Tested on: Windows 11 Pro 22H2 # Impact: Sensitive Information Leakage # CWE: CWE-200 - CWE-284 - CWE-266 ## Description Issues with information disclosure in redirect responses. Accessing the majority of the website's pages exposes sensitive data, including the "Razorpay" "razorpayKeyId". ## Steps to Reproduce: When you view the majority of the pages on the website, such as https://demo.fleetcart.envaysoft.com/en/login https://demo.fleetcart.envaysoft.com/en/categories/smartphones/products https://demo.fleetcart.envaysoft.com/en/products?query=123 There is information leaking in the body page response. +---------------------+ razorpayKeyId: 'rzp_test_oACp03vDsqdixc', +---------------------+ Note: the same leaked "razorpayKeyId" is added to "Razorpay" in the Administration Panel. on this Path: https://demo.fleetcart.envaysoft.com/en/admin/settings?tab=razorpay (Login as Administrator) [-] Done
Source⚠️ https://demo.fleetcart.envaysoft.com/en/login
Userskalvin (ID 49463)
Submission05/13/2024 08:42 PM (2 months ago)
Moderation05/22/2024 10:26 PM (9 days later)
StatusAccepted
VulDB Entry265981

Might our Artificial Intelligence support you?

Check our Alexa App!