CVE-2004-2060

2004-12-31T00:00:00
ID CVE-2004-2060
Type cve
Reporter NVD
Modified 2017-07-10T21:31:35

Description

ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names.