1369 matches found
CVE-2009-1051
FubarForum 1.6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for user.tsv...
CVE-2009-1052
FireAnt 1.3 and earlier products are affected by an improper access control vulnerability that stores sensitive data under the web root. This allows remote attackers to directly request user.tsv and download a database containing user credentials. The CVE entry notes a network-exposed issue with ...
CVE-2008-6494
ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb...
Improper access control
ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb...
CVE-2008-6494
ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb...
CVE-2008-6494
The CVE-2008-6494 entry concerns ASP User Engine.NET, where sensitive data is stored under the web root with insufficient access control. The underlying issue allows a remote attacker to download the database (users.mdb) by issuing a direct request. This is supported by the NVD description and as...
CVE-2009-0866
pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for extra/genbackup.php...
Improper access control
pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for extra/genbackup.php...
CVE-2009-0866
pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for extra/genbackup.php...
Improper access control
Team Board 1.x and 2.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for data/team.mdb...
Improper access control
PollHelper stores poll.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request...
CVE-2009-0827
PollHelper stores poll.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request...
Improper access control
QuoteBook stores quotes.inc under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information, including user credentials, via a direct request...
CVE-2009-0828
The CVE-2009-0828 entry concerns QuoteBook, where quotes.inc is stored under the web root with insufficient access control. The root cause is improper access restrictions, allowing remote attackers to directly access the database and obtain sensitive information, including user credentials. The a...
CVE-2008-6375
JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb...
Improper access control
JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb...
Improper access control
Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb...
CVE-2008-6374
CodefixerSoftware MailingListPro Free Edition stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to db/MailingList.mdb...
Improper access control
ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb...
CVE-2008-6387
Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb...