1. CVE-Search
  2. CVE-2005-1329
ID CVE-2005-1329
Summary owOfflineCC.asp in OneWorldStore allows remote attackers to obtain sensitive information by modifying the idOrder parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:oneworldstore:oneworldstore:basic:*:*:*:*:*:*:*
    cpe:2.3:a:oneworldstore:oneworldstore:basic:*:*:*:*:*:*:*
  • cpe:2.3:a:oneworldstore:oneworldstore:soho:*:*:*:*:*:*:*
    cpe:2.3:a:oneworldstore:oneworldstore:soho:*:*:*:*:*:*:*
  • cpe:2.3:a:oneworldstore:oneworldstore:free:*:*:*:*:*:*:*
    cpe:2.3:a:oneworldstore:oneworldstore:free:*:*:*:*:*:*:*
  • cpe:2.3:a:oneworldstore:oneworldstore:enterprise:*:*:*:*:*:*:*
    cpe:2.3:a:oneworldstore:oneworldstore:enterprise:*:*:*:*:*:*:*
  • cpe:2.3:a:oneworldstore:oneworldstore:business:*:*:*:*:*:*:*
    cpe:2.3:a:oneworldstore:oneworldstore:business:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 14-02-2024 - 01:17)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 13361
confirm http://www.oneworldstore.com/support_security_issue_updates.asp#April_24_2005_Lostmon
misc http://lostmon.blogspot.com/2005/04/oneworldstore-user-information.html
osvdb 15781
sectrack 1013796
secunia 15104
Last major update 14-02-2024 - 01:17
Published 02-05-2005 - 04:00
Last modified 14-02-2024 - 01:17
Back to Top