CVE-2006-5197

2006-10-10T00:06:00
ID CVE-2006-5197
Type cve
Reporter NVD
Modified 2008-09-05T17:11:39

Description

PDshopPro stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) /pdshoppro.mdb, (2) /data/pdshoppro.mdb, or (3) /shoppro/data/pdshoppro.mdb.