CVE-2005-0229
CitrusDB <= 0.3.5 - Unauthenticated Credit Card Information Exposure via Temporary File
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-0229. PoCs published by Maximillian Dornseif.
AI-analyzed exploit summary This is a writeup describing an information disclosure vulnerability in CitrusDB, where unauthorized users can access sensitive data by navigating to a specific path. The issue is due to a design flaw rather than a code-level exploit.
Description
CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file under the web root, which allows remote attackers to steal credit card information via a direct request to newfile.txt.
Exploits (1)
This is a writeup describing an information disclosure vulnerability in CitrusDB, where unauthorized users can access sensitive data by navigating to a specific path. The issue is due to a design flaw rather than a code-level exploit.