Security Advisory

CVE-2006-2823

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-06-05 17:00:00

Last updated 2024-08-07 18:06:26

Assigner mitre

State PUBLISHED

Description

Katrien De Graeve a.shopKart 2.0 (aka ashopKart20) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) admin/scart.mdb and possibly (2) admin/scart97.mdb.

← Browse all CVEs View on cve.org ↗