Coxco Support : Security Vulnerabilities, CVEs,
MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php.
Max CVSS
9.1
EPSS Score
0.81%
Published
2002-12-31
Updated
2024-01-25
MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the database.
Max CVSS
5.0
EPSS Score
1.13%
Published
2003-04-11
Updated
2008-09-05
2 vulnerabilities found