2 matches found
CVE-2002-0582
WorkforceROI Xpede 4.1 stores temporary expense claim reports in a world-readable and indexable /reports/temp directory, which allows remote attackers to read the reports by accessing the directory...
CVE-2002-0583
WorkforceROI Xpede 4.1 uses a small random namespace 5 alphanumeric characters for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack...