Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1798

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2002-1798
Last Modified 05 Sep 2008 04:31:32
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1798

Summary

MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php.

Vulnerable Systems

Application

  • Coxco Support Midicart Php

  • Coxco Support Midicart Php Maxi

  • Coxco Support Midicart Php Plus


References

BID - 5855

BID - 5851

XF - midicart-php-access-upload(10306)

BUGTRAQ - 20021002 Multiple Web Security Holes


Last Updated: 27 May 2016 10:37:30