| VID |
21134 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The '/pw/storemgr.pw' file is exposed.
Mercantec's SoftCart Web-based shopping cart system could potentially be misconfigured by a site's administrator. This misconfiguration could expose sensitive order information or user IDs and encrypted passwords to the server. |
| Recommendation |
Reinstall the SoftCart application, following the installation instructions carefully. To prevent unauthorized remote access to sensitive SoftCart files and directories, ensure that appropriate permissions have been set.
See the following site about more information:
http://www.mercantec.com/ |
| Related URL |
CVE-1999-0609 (CVE) |
| Related URL |
2055 (SecurityFocus) |
| Related URL |
3856 (ISS) |
|
