Vulnerabilities > Vpasp > VP ASP Shopping Cart > 6.50
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-01-21 | CVE-2008-5929 | Permissions, Privileges, and Access Controls vulnerability in Vpasp Vp-Asp Shopping Cart 6.50 VP-ASP Shopping Cart 6.50 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database containing the password via a direct request for database/shopping650.mdb. | 5.0 |