Vulnerabilities > CVE-2003-1304 - Unspecified vulnerability in Early Impact Productcart
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information via a direct request.
Vulnerable Configurations
Exploit-Db
description | ProductCart 1.5/1.6/2.0 File Disclosure Vulnerability. CVE-2003-1304. Webapps exploit for asp platform |
id | EDB-ID:22868 |
last seen | 2016-02-02 |
modified | 2003-07-05 |
published | 2003-07-05 |
reporter | Tri Huynh |
source | https://www.exploit-db.com/download/22868/ |
title | ProductCart 1.5/1.6/2.0 File Disclosure Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | PRODUCTCART_SQL_INJECTION.NASL |
description | The remote host is using the ProductCart software suite. This set of CGIs is vulnerable to a SQL injection bug that could allow an attacker to take control of the server as an administrator. In addition, the application is susceptible various file disclosure and cross-site scripting attacks. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11785 |
published | 2003-07-08 |
reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11785 |
title | ProductCart Multiple Vulnerabilities |
code |
|
References
- http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/0081.html
- http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/0081.html
- http://secunia.com/advisories/9195
- http://secunia.com/advisories/9195
- http://www.earlyimpact.com/pdf/ProductCart_Security_Tips.pdf
- http://www.earlyimpact.com/pdf/ProductCart_Security_Tips.pdf
- http://www.securityfocus.com/archive/1/438189/100/200/threaded
- http://www.securityfocus.com/archive/1/438189/100/200/threaded
- http://www.securityfocus.com/bid/8112
- http://www.securityfocus.com/bid/8112
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9816
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9816