CVE-2008-5900

2009-01-12T15:00:02
ID CVE-2008-5900
Type cve
Reporter NVD
Modified 2017-09-28T21:32:52

Description

CodeAvalanche Articles stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAArticles.mdb. NOTE: some of these details are obtained from third party information.