Alan Ward A-Cart Web Accessable Database File Vulnerability

Alan Ward A-Cart Web Accessable Database File Vulnerability

Alan Ward's A-Cart is a web based shopping cart application. It is implemented in ASP, and designed for use with Microsoft Access under Microsoft Windows based servers.

A vulnerability has been reported in some versions of A-Cart. By default, the database file 'acart2_0.mdb' is stored within the web directory. Remote attackers may be able to download the database file through a HTTP request.