3 matches found
CVE-2009-2602
R2 Newsletter Lite, Pro, and Stats suffer an improper access control vulnerability that stores sensitive data under the web root, allowing remote attackers to directly download the admin.mdb database file. The issue is documented in CVE-2009-2602 with a base CVSS v2 score of 5.0 (Medium), attack ...
CVE-2009-2602
R2 Newsletter Lite, Pro, and Stats stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for admin.mdb...
CVE-2009-2602
creationtimestamp| type| source ---|---|--- 2009-06-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8849...