6.7 Medium
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
79.8%
BlogHelper stores common_db.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.
secunia.com/advisories/33384
exchange.xforce.ibmcloud.com/vulnerabilities/47799
www.exploit-db.com/exploits/7689