Short Name |
HTTP:PKG:EZMALL-LOG-ORDER-ACCSS |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
EzMall Log Order Access |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to access the vulnerable EZMall order log file in the EZMall Web ordering system, which can be misconfigured to expose the order log and reveal sensitive information about purchase activity.
Remote attackers could exploit this vulnerability to obtain the credit card numbers, addresses, and other personal information of customers purchasing through EZMall 2000.