SUSE CVE-2007-0078

BattleBlog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/blankmaster.mdb...

CVE-2007-0078

BattleBlog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/blankmaster.mdb...

Improper access control

BattleBlog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/blankmaster.mdb...

CVE-2007-0078

BattleBlog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/blankmaster.mdb...

CVE-2007-0078

Technical details about CVE-2007-0078 are not provided in the connected documents. The initial description notes a web-root access issue enabling a database download, but there are no vendor/product/version specifics or remediation steps in the supplied materials.

BattleBlog Database Download Vulnerability

Aria-Security Team Happy New Year!! Aria-Security.com For English Aria-Security.net For Parsi Discovered: Aria-Security Team Vendor:http://www.battleblog.com/home/g/ Risk: Low Type:Remote Database Download PoC: http://TARGET/path/database/blankmaster.mdb Contact: [email protected]...