MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the database.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| coxco_support | a-cart | 2.0 |
| coxco_support | metacart | 2.sql |
| coxco_support | midicart_asp_maxi | * |
| coxco_support | midicart_asp_plus | * |
| coxco_support | salescart-pro | * |
| coxco_support | salescart-std | * |
| coxco_support | midicart_asp | * |