CVE-2010-1066

AR Web Content Manager AWCM 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for control/dbbackup.php...

CVE-2010-1065

Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/lebisoft.mdb...

Improper access control

Acidcat CMS 3.5.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for databases/acidcat3.mdb...

Improper access control

KMSoft Guestbook aka GBook 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb...

Improper access control

PD PORTAL 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb...

CVE-2010-0977

PD PORTAL 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb...

CVE-2010-0978

KMSoft Guestbook aka GBook 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb...

Improper access control

Jevci Siparis Formu Scripti stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for siparis.mdb...

CVE-2010-0978

The CVE-2010-0978 entry affects KMSoft Guestbook (aka GBook) 1.0, where sensitive data is stored under the web root with insufficient access control. This allows remote attackers to directly download the database file (db/db.mdb), exposing stored information. The root cause is improper access con...

CVE-2010-0978

KMSoft Guestbook aka GBook 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb...

CVE-2010-0965

Jevci Siparis Formu Scripti stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for siparis.mdb...

CVE-2010-0123

The database backup implementation in Employee Timeclock Software 0.99 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a "semi-predictable file name."...

CVE-2010-0123

The database backup implementation in Employee Timeclock Software 0.99 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a "semi-predictable file name."...

Improper access control

Visialis ABB Forum 1.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for fpdb/abb.mdb...

CVE-2010-0765

fipsForum 2.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/forumFips.mdb...

Improper access control

fipsForum 2.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/forumFips.mdb...

CVE-2010-0681

ZeusCMS 0.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for admin/backup.sql...

Improper access control

StatCounteX 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for path/stats.mdb...

CVE-2010-0674

StatCounteX 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for path/stats.mdb...

CVE-2010-0674

CVE-2010-0674 affects StatCounteX 3.1. The issue is improper access control: sensitive data is stored under the web root and can be downloaded via a direct request to path/stats.mdb, leading to partial confidentiality loss. Public references in the record indicate remote access exposure and provi...