header-logo
Suggest Exploit
vendor:
Midicart PHP
by:
SecurityFocus
6.4
CVSS
MEDIUM
Default Installation of Midicart PHP
N/A
CWE
Product Name: Midicart PHP
Affected Version From: Midicart PHP
Affected Version To: Midicart PHP
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Default Installation of Midicart PHP

A problem with the default installation of Midicart PHP may make it possible for remote users to gain access to sensitive information. The default installation of Midicart PHP does not place sufficient access control on files residing in the 'admin' folder. Files in this folder are meant to be accessed by privileged individuals and may contain sensitive information.

Mitigation:

Place sufficient access control on files residing in the 'admin' folder.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5851/info

A problem with the default installation of Midicart PHP may make it possible for remote users to gain access to sensitive information.

The default installation of Midicart PHP does not place sufficient access control on files residing in the 'admin' folder. Files in this folder are meant to be accessed by privileged individuals and may contain sensitive information.

http://<site>/admin/credit_card_info.php

Navigation

Suggest Exploit

Services By CQR