Vulnerability Description
MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Metalinks | Metacart2.Sql | All versions |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0200.html
- http://www.iss.net/security_center/static/9393.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/5042
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0200.html
- http://www.iss.net/security_center/static/9393.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/5042
FAQ
What is CVE-2002-0943?
CVE-2002-0943 is a vulnerability with a CVSS score of 6.4 (MEDIUM). MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via ...
How severe is CVE-2002-0943?
CVE-2002-0943 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0943?
Check the references section above for vendor advisories and patch information. Affected products include: Metalinks Metacart2.Sql.