Improper access control

2008-12-1518:00:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.2%

JSON

Professional Download Assistant 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for database/downloads.mdb.

CPENameOperatorVersion
professional_download_assistanteq0.1

CPE	Name	Operator	Version
	professional_download_assistant	eq	0.1

References

osvdb.org/50547

secunia.com/advisories/33030

securityreason.com/securityalert/4748

exchange.xforce.ibmcloud.com/vulnerabilities/47148

www.exploit-db.com/exploits/7371