CVE-2002-2310

2007-10-2619:00:00

mitre

www.cve.org

clickcartpro 4.0

admin_user.db

access control

vulnerability

remote attackers

usernames

passwords

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

80.3%

JSON

ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords.

References

securitytracker.com/id?1004825

www.iss.net/security_center/static/9648.php

www.securiteam.com/securitynews/5DP0T0K7PY.html