3 matches found
CVE-2010-0123
The CVE-2010-0123 issue affects Employee Timeclock Software 0.99, where the backup database is stored under the web root with insufficient access control. This enables remote attackers to download the database by directly requesting a semi-predictable file name. The vulnerability stems from insec...
CVE-2010-0123
The database backup implementation in Employee Timeclock Software 0.99 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a "semi-predictable file name."...
Secunia Research: Employee Timeclock Software Backup Information Disclosure
====================================================================== Secunia Research 10/03/2010 - Employee Timeclock Software Backup Information Disclosure - ====================================================================== Table of Contents Affected...