CVE-2002-1432
UnknownEPSS 7.77%
Last modified
CVE-2002-1432 is a vulnerability of currently unknown severity. MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the database.. EPSS estimates a 7.77% chance of exploitation in the next 30 days.
Description
MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the database.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Coxco Support | A-Cart | 2.0 |
| Coxco Support | Metacart | 2.sql |
| Coxco Support | Midicart Asp | All versions |
| Coxco Support | Midicart Asp Maxi | All versions |
| Coxco Support | Midicart Asp Plus | All versions |
| Coxco Support | Salescart-Pro | All versions |
| Coxco Support | Salescart-Std | All versions |
References
- http://www.iss.net/security_center/static/9816.phpPatch, Vendor Advisory
- http://www.securityfocus.com/bid/5438Exploit, Vendor Advisory
- http://www.iss.net/security_center/static/9816.phpPatch, Vendor Advisory
- http://www.securityfocus.com/bid/5438Exploit, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2002-1432?
MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the database.
How severe is CVE-2002-1432?
Severity scoring for CVE-2002-1432 is pending analysis. The EPSS model estimates a 7.77% probability of exploitation in the next 30 days.
How do I fix CVE-2002-1432?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2002-1432?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST