Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbFrogEDB-ID:21896
HistoryOct 02, 2002 - 12:00 a.m.

Midicart PHP - Arbitrary File Upload

2002-10-0200:00:00
frog
www.exploit-db.com
18

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/5855/info

A problem with the default installation of Midicart PHP may make it possible for remote users to gain access to sensitive information.

The default installation of Midicart PHP does not place sufficient access control on files residing in the 'admin' folder. Due to this lack of access control, it is possible for a remote attacker to gain access to this file and upload arbitrary files to a vulnerable system.

http://<site>/admin/upload.php

Related

cvelist 1
nvd 2
cve 2
exploitdb 1
cvelist
cvelist
CVE-2002-1798
2005-06-28 04:00:00
nvd
nvd
CVE-2002-1798
2002-12-31 05:00:00
CVE-2002-2160
2002-12-31 05:00:00
cve
cve
CVE-2002-1798
2005-06-28 04:00:00
CVE-2002-2160
2005-11-16 21:17:00
exploitdb
exploitdb
Midicart PHP - Information Disclosure
2002-10-02 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:21896
cvelist1nvd2cve2exploitdb1