Insecure Storage of Password File in Cookie Cart

Insecure Storage of Password File in Cookie Cart

CVE-2005-1733 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Cookie Cart stores the password file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and encrypted passwords via a direct request to passwd.txt.

Learn more about our Web App Pen Testing.