CVE-2002-1432
MidiCart - Unauthenticated Sensitive Information Exposure via Database File Request
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-1432. PoCs published by Dimitri Sekhniashvili.
AI-analyzed exploit summary This is a writeup describing an information disclosure vulnerability in Midicart ASP due to insufficient access control on the midicart.mdb file. The vulnerability allows remote attackers to access sensitive customer information, including credit card details, by directly requesting the database file.
Description
MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the database.
Exploits (1)
This is a writeup describing an information disclosure vulnerability in Midicart ASP due to insufficient access control on the midicart.mdb file. The vulnerability allows remote attackers to access sensitive customer information, including credit card details, by directly requesting the database file.