Netbilling.Nbmember.Information.Disclosure

description-logoDescription

It indicates a possible exploit of information disclosure vulnerability in the Netbilling application.


NetBilling is a web application used for carrying out financial transactions such as credit card processing. A vulnerability is reported in nbmember.cgi script that reveals user authentication credentials and system configurations if an attacker send URL get request appending with test command.

affected-products-logoAffected Products

NetBilling version 2.2 and earlier.

Impact logoImpact

Gain access to the user information and system configuration resulting in loss of confidentiality.

recomended-action-logoRecommended Actions

Upgrade to Netbilling version 2.3 or later.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)