2 matches found
CVE-2007-0153
AJLogin 3.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for ajlogin.mdb...
CVE-2007-0153
AJLogin 3.5 stores the database (ajlogin.mdb) under the web root with insufficient access control, enabling remote download of passwords. Affected component: ajlogin.mdb handling; root cause: improper access restrictions. Impact: partial confidentiality loss (passwords exposed). Exploitation deta...