CVE-2004-2060

2004-12-31T05:00:00
ID CVE-2004-2060
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:31:00

Description

ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names.