Unrated severityNVD Advisory· Published Oct 15, 2007· Updated Jun 16, 2026
CVE-2007-5463
CVE-2007-5463
Description
ideal_process.php in the iDEAL payment module in ViArt Shop 3.3 beta and earlier might allow remote attackers to obtain the pathname for certificate and key files via an "iDEAL transaction", possibly involving fopen error messages for nonexistent files, a different issue than CVE-2007-5364. NOTE: this can be leveraged for reading certificate or key files if an installation places these files under the web document root.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <=3.3 beta
Patches
Vulnerability mechanics
References
7- secunia.com/advisories/27199nvdPatchVendor Advisory
- www.viart.com/ideal_process_script_fix_for_release_32_and_33_beta.htmlnvdPatch
- osvdb.org/40151nvd
- securityreason.com/securityalert/3233nvd
- www.securityfocus.com/archive/1/481978/100/0/threadednvd
- www.securityfocus.com/bid/25998nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/37048nvd
News mentions
0No linked articles in our index yet.