EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information via a direct request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Productcart | Early_impact | 1.5003r | 1.5003r |
Productcart | Early_impact | 1.6002 | 1.6002 |
Productcart | Early_impact | 1.3 | 1.3 |
Productcart | Early_impact | 2.0 | 2.0 |
Productcart | Early_impact | 1.6b001 | 1.6b001 |
Productcart | Early_impact | 1.6br001 | 1.6br001 |
Productcart | Early_impact | 1.6b003 | 1.6b003 |
Productcart | Early_impact | 1.5 | 1.5 |
Productcart | Early_impact | 1.6_b003 | 1.6_b003 |
Productcart | Early_impact | 1.5003 | 1.5003 |
Productcart | Early_impact | 1.6_br003 | 1.6_br003 |
Productcart | Early_impact | 1.6br003 | 1.6br003 |
Productcart | Early_impact | 1.4 | 1.4 |
Productcart | Early_impact | 1.6_b002 | 1.6_b002 |
Productcart | Early_impact | 1.6b002 | 1.6b002 |
Productcart | Early_impact | 1.5002 | 1.5002 |
Productcart | Early_impact | 1.6_br | 1.6_br |
Productcart | Early_impact | 1.6_br001 | 1.6_br001 |
Productcart | Early_impact | 1.6br | 1.6br |
Productcart | Early_impact | 1.1 | 1.1 |
Productcart | Early_impact | 1.2 | 1.2 |
Productcart | Early_impact | 1.5004 | 1.5004 |
Productcart | Early_impact | 1.6_b | 1.6_b |
Productcart | Early_impact | 1.6_b001 | 1.6_b001 |
Productcart | Early_impact | 1.6003 | 1.6003 |
Productcart | Early_impact | 1.6b | 1.6b |
Productcart | Early_impact | 2 | 2 |