CVE-2012-5892

2012-11-17T21:55:00
ID CVE-2012-5892
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:32:00

Description

Havalite CMS 1.1.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the configuration database via a direct request for data/havalite.db3.