Improper access control

BlogHelper stores commondb.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request...

CVE-2009-0826

BlogHelper stores commondb.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request...

CVE-2009-0826

CVE-2009-0826: BlogHelper stores common_db.inc under the web root with insufficient access control, enabling remote attackers to download the database file containing user credentials via a direct request. The description and linked references confirm exposure of credential data through direct ac...

BlogHelper Configuration File Disclosure

...... Remote Config File Disclosure ---------------------------------------------------- script: BlogHelper download from:http://www.freedville.com/oss/BlogHelper.zip vul: www.site.com/path/commondb.inc ................................ $dbhost = ""; $dbusername = ""; $dbuserpass = "";...

BlogHelper (common_db.inc) Remote Config File Disclosure Vulnerability

Exploit for unknown platform in category web applications ====================================================================== BlogHelper commondb.inc Remote Config File Disclosure Vulnerability ====================================================================== ...... Remote Config File...

crfdb-disclose.txt

Title : Capital Request Forms Db Username and Password Vulnerabilities Author : Gokhan Contact : [email protected] Dork : inurl:commondb.inc Script : http://selfemployment.douglas.bc.ca/caprequest/ ExpLoit : http://site/path/inc/commondb.inc ; Code : commondb.inc...