AI Score
Confidence
Low
EPSS
Percentile
70.2%
KrM Haber 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for d_atabase/Krmdb.mdb.
osvdb.org/64217
packetstormsecurity.org/1004-exploits/krmhaber-disclose.txt
secunia.com/advisories/39700
exchange.xforce.ibmcloud.com/vulnerabilities/58284