Compulsive Media CNU5 News.mdb Database Disclosure Vulnerability

ID EDB-ID:24397
Type exploitdb
Reporter Security .Net Information
Modified 2004-08-23T00:00:00


Compulsive Media CNU5 News.mdb Database Disclosure Vulnerability. Webapps exploit for asp platform


CNU5 is reported prone to a database disclosure vulnerability. It is reported that remote users may download the database file 'news.mdb' and gain access to sensitive information including unencrypted authentication credentials.

CNU5 version 1.2 is reported vulnerable to this issue. CNU5 Extra may be affected as well.

This issue is being retired due to the fact that this is not a vulnerability in the application. Configuring the Web server to restrict access to sensitive files can prevent this problem.