Lucene search
+L

4 matches found

nvd
nvd
added 2009/01/12 8:0 p.m.13 views

CVE-2008-5886

TAKempis Discussion Web 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for private/discussion.mdb. NOTE: some of these details are obtained from third part...

5CVSS6.5AI score0.02587EPSS
Exploits0References3
prion
prion
added 2009/01/12 8:0 p.m.11 views

Improper access control

TAKempis Discussion Web 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for private/discussion.mdb. NOTE: some of these details are obtained from third part...

5CVSS7.1AI score0.02587EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2009/01/12 7:27 p.m.23 views

CVE-2008-5886

TAKempis Discussion Web 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for private/discussion.mdb. NOTE: some of these details are obtained from third part...

6.5AI score0.02587EPSS
Exploits0References3
cve
cve
added 2009/01/12 7:27 p.m.50 views

CVE-2008-5886

The CVE-2008-5886 issue affects TAKempis Discussion Web 4.0, where sensitive information is stored under the web root with insufficient access control. An attacker can directly request the file _private/discussion.mdb to download a password-containing database, exposing credentials and sensitive ...

5CVSS6.7AI score0.02587EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder