Description
CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via a direct request.
Affected products
- cfshopkart / cf_shopkart5.2.2 – 5.2.2
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/33080
- EXPLOIThttps://www.exploit-db.com/exploits/7412