Vulners
Lucene search
Integramod 1.4.x - Insecure Directory Download Database
today i found some major security problem. the issue can be found at all integramod 1.4.x versions.
explanation of the issue:
all integramod versions do have a backup folder where the daily database backups are stored. the coders
of integramod forgott to secure this folder.
example:
just head to the official page of integramod www.integramod.com. you are being redirected
to http://www.integramod.com/forum/ . now just head into the backup folder: http://www.integramod.com/forum/backup.
As you can see you have full access to all database backups!
-> www.pagename/installpath/backup/ directly leads to the database backups!
notice: some versions do have a index.html in the folder but it is easy to get the backups any way
bacause they are alway stored in the dame format:
backup-yyyy-dd-mm.sql
greetings from germany
TheJT
# milw0rm.com [2008-09-06]Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
06 Sep 2008 00:00Current
7.4High risk
Vulners AI Score7.4