Signature Detail
Short Name |
HTTP:PKG:EZMALL-LOG-ORDER-ACCSS |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Keywords |
ezmall order log |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: EzMall Log Order Access
This signature detects attempts to access the vulnerable EZMall order log file in the EZMall Web ordering system, which can be misconfigured to expose the order log and reveal sensitive information about purchase activity.
Extended Description
Remote attackers could exploit this vulnerability to obtain the credit card numbers, addresses, and other personal information of customers purchasing through EZMall 2000.