Summary MetaCart2.sql is an ASP based shopping Cart application with SQL database. A security vulnerability in the product allows attackers to access the database used for storing user provided data (Credit cart numbers, Names, Surnames, Addresses, E-mails, etc). Details Exploit: Accessing any of the following URL will return the database used by the product: http://xxxshop/database/metacart.mdb http://xxxshop/metacart/database/metacart.mdb __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com
