CVE-2008-5780

2008-12-30T15:30:01
ID CVE-2008-5780
Type cve
Reporter NVD
Modified 2017-09-28T21:32:48

Description

Forest Blog 1.3.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing passwords via a direct request for blog.mdb.