CVE-2002-1798

Name of the Vulnerable Software and Affected Versions MidiCart PHP, PHP Plus, and PHP Maxi (affected versions not specified)

Description The issue allows remote attackers to upload arbitrary PHP files via a direct request to "admin/upload.php" or access sensitive information via a direct request to "admin/credit card info.php".

Recommendations For MidiCart PHP, consider disabling access to the "admin/upload.php" endpoint until a fix is available. For PHP Plus, restrict access to the "admin/credit card info.php" endpoint to minimize the risk of exploitation. For PHP Maxi, avoid using direct requests to sensitive endpoints like "admin/upload.php" and "admin/credit card info.php" until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.