| tiêu đề | Script And Tools e-Commerce 3.0 3.0 Information Disclosure |
|---|
| Mô tả | Title of the Vulnerability:
Script and Tools | eCommerce 3.0 | admin/subscriber-csv.php - Information Disclosure
Vulnerability Class: Information Disclosure
CWE : CWE-200: Information Exposure
Product Name: eCommerce 3.0
Vendor: https:/github.com/scriptandtools/
Vulnerable Product Link:
https:/github.com/scriptandtools/eCommerce-website-in-PHP
Technical Details & Description:
The application source code is coded in a way which allows : Unauthorized access to subscriber data in '/admin/subscriber-csv.php' leading to potential data exposure.
Product & product Introduction:
eCommerce-3.0
Observation & Exploitation:
Here,The Vulnerable File Is:
/admin/subscriber-csv.php
Who will be affected of this attack?
->The Admin and The Subscribers!
The Subscriber emails,names abd informations can be sold by hackers!
Thus,the reputation of the company will be hampered! |
|---|
| Nguồn | ⚠️ https://www.websecurityinsights.my.id/2025/04/script-and-tools-ecommerce-30_53.html |
|---|
| Người dùng | MaloyRoyOrko (UID 79572) |
|---|
| Đệ trình | 14/04/2025 04:36 (cách đây 1 Năm) |
|---|
| Kiểm duyệt | 26/04/2025 09:25 (12 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 306311 [ScriptAndTools eCommerce-website-in-PHP 3.0 subscriber-csv.php tiết lộ thông tin] |
|---|
| điểm | 20 |
|---|