Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0943

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2002-0943
Last Modified 05 Sep 2008 04:29:21
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0943

Summary

MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb.

Vulnerable Systems

Application

  • Metalinks Metacart2.sql


References

XF - metacart2sql-insecure-database-access(9393)

BID - 5042

BUGTRAQ - 20020618 Metacart vuln.


Last Updated: 27 May 2016 10:37:08