CVE-2002-2310

Name of the Vulnerable Software and Affected Versions: ClickCartPro version 4.0

Description: The issue concerns insufficient access control on the admin user.db data file stored under the web document root in ClickCartPro, allowing remote attackers to obtain usernames and passwords on servers other than Apache.

Recommendations: For ClickCartPro version 4.0, consider restricting access to the admin user.db data file to prevent unauthorized access until a proper fix is applied. As a temporary workaround, moving the admin user.db file outside of the web document root can help minimize the risk of exploitation.