2 matches found
CVE-2004-2060
ASPrunner 2.4 stores the database under the web root in the db/ directory, which may allow remote attackers to retrieve the database by directly requesting the database file. The vulnerability is tied to predictable database filenames based on table and field names. Affected product: ASPrunner (2...
CVE-2004-2060
ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names...