CVE DATABASE / CVE-2002-0943
CVE-2002-0943
CVSS 6.4 · MEDIUM
Summary
MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb.
CVSS 2.0 breakdown
| Base score | 6.4 (MEDIUM) |
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:N |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Confidentiality | PARTIAL |
| Integrity | PARTIAL |
| Availability | NONE |
Affected products
Metalinks metacart2.sql
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0200.html
- http://www.iss.net/security_center/static/9393.php
- http://www.securityfocus.com/bid/5042
Data: NIST NVD. NVD last modified 2026-04-16. Always verify against the vendor advisory before acting.