https://www.securityfocus.com/bid/86657
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-767

ClickCartPro4.0在具有服务器除了Apache上的足够访问控制的web文档根下存储admin_user.db数据文件，远程攻击者可以获取用户名和密码。

Kryptronic ClickCartPro 4.0

来源:www.securiteam.com
链接:http://www.securiteam.com/securitynews/5DP0T0K7PY.html
来源:XF
名称:clickcartpro-unauth-database-access-access(9648)
链接:http://www.iss.net/security_center/static/9648.php
来源:SECTRACK
名称:1004825
链接:http://securitytracker.com/id?1004825