header-logo
Suggest Exploit
vendor:
Midicart ASP
by:
SecurityFocus
7.5
CVSS
HIGH
Insufficient Access Control
264
CWE
Product Name: Midicart ASP
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Microsoft Windows
2002

Midicart ASP Default Installation Vulnerability

Midicart ASP is a commercially available e-commerce solution distributed by Coxco Support. It is available for the Microsoft Windows operating system. The default installation of Midicart ASP does not place sufficient access control on the midicart.mdb file. Due to this lack of access control, it is possible for a remote user to gain access to this file. This file may yield sensitive customer information, such as customer names, addresses, and credit card information.

Mitigation:

Ensure that access control is properly configured on the midicart.mdb file.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5438/info

Midicart ASP is a commercially available e-commerce solution distributed by Coxco Support. It is available for the Microsoft Windows operating system.

The default installation of Midicart ASP does not place sufficient access control on the midicart.mdb file. Due to this lack of access control, it is possible for a remote user to gain access to this file. This file may yield sensitive customer information, such as customer names, addresses, and credit card information.

http://www.example.com/shoppingdirectory/midicart.mdb

Navigation

Suggest Exploit

Services By CQR