CVE-2006-2948

Name of the Vulnerable Software and Affected Versions A-CART version 2.0

Description The issue allows remote attackers to obtain username and password information due to insufficient access control of the acart2 0.mdb file stored under the web document root.

Recommendations For version 2.0, consider restricting access to the acart2 0.mdb file to prevent remote attackers from obtaining sensitive information. As a temporary workaround, restrict access to the file until a proper fix is applied.