CVE-2002-2310 Information

Description

ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache which allows remote attackers to obtain usernames and passwords.

Reference

http://securitytracker.com/id?1004825 http://www.iss.net/security_center/static/9648.php http://www.securiteam.com/securitynews/5DP0T0K7PY.html