CVE-2007-4873

2007-09-27T15:17:00
ID CVE-2007-4873
Type cve
Reporter NVD
Modified 2017-07-28T21:33:15

Description

SimpNews 2.41.03 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download arbitrary .inc files via a direct request, as demonstrated by admin/includes/dbtables.inc.