Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0943


Vulnerability Score 6.4 6.4
CVE Id CVE-2002-0943
Last Modified 05 Sep 2008 04:29:21
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb.

Vulnerable Systems


  • Metalinks Metacart2.sql


XF - metacart2sql-insecure-database-access(9393)

BID - 5042

BUGTRAQ - 20020618 Metacart vuln.

Last Updated: 27 May 2016 10:37:08