CVE-2008-5899

CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for private/CAFFAPage.mdb. NOTE: some of these details are obtained fro...

Improper access control

CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for private/CAFFAPage.mdb. NOTE: some of these details are obtained fro...

CVE-2008-5899

CodeAvalanche FreeForAll (CVE-2008-5899) stores sensitive information under the web root with inadequate access control, enabling remote attackers to download the administrator password database via a direct request to _private/CAFFAPage.mdb. NVD lists a CVSS v2 base score of 7.5 (HIGH; NETWORK a...

CVE-2008-5899

CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for private/CAFFAPage.mdb. NOTE: some of these details are obtained fro...

CodeAvalanche FreeForAll (CAFFAPage.mdb) Database Disclosure Vuln

Exploit for unknown platform in category web applications ================================================================= CodeAvalanche FreeForAll CAFFAPage.mdb Database Disclosure Vuln =================================================================...

CodeAvalanche FreeForAll - Database Disclosure

CodeAvalanche FreeForAll - Database Disclosure --------------------------------------------------------- Portal Name: CAFFAPAGE Download : http://www.truecontent.info/codeavalanche/asp-free-for-all-links.php Author : PouyaServer , [email protected] Vulnerability : DD...