CVE-2008-6321

Properties

Published:
26.02.2009
Updated:
27.02.2009
Patch available:

Vulnerability description

CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via a direct request.

References:

MILW0RM: http://www.milw0rm.com/exploits/7412
SECUNIA: http://secunia.com/advisories/33080