A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain username and password information.
Name | Vendor | Start Version | End Version |
---|---|---|---|
A-cart | Alan_ward | * | 2.0 (including) |