CVE-2002-1798 — CRITICAL severity vulnerability (MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers)
MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php.
| CVE ID | CVE-2002-1798 |
|---|---|
| Severity | CRITICAL |
| CVSS score | 9.1 |
| CVSS vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
| CWE | CWE-425 |
| Status | Modified |
| Published | 2002-12-31 |
| Last modified | 2026-04-16 |
| Description | MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →