VYPR
Unrated severityNVD Advisory· Published Oct 15, 2007· Updated Jun 16, 2026

CVE-2007-5463

CVE-2007-5463

Description

ideal_process.php in the iDEAL payment module in ViArt Shop 3.3 beta and earlier might allow remote attackers to obtain the pathname for certificate and key files via an "iDEAL transaction", possibly involving fopen error messages for nonexistent files, a different issue than CVE-2007-5364. NOTE: this can be leveraged for reading certificate or key files if an installation places these files under the web document root.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Viart/Shop2 versions
    cpe:2.3:a:viart:shop:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:viart:shop:*:*:*:*:*:*:*:*range: <=3.3_beta
    • (no CPE)range: <=3.3 beta
  • Range: <=3.3 beta

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.