Lucene search
K

1369 matches found

Cvelist
Cvelist
added 2009/03/24 2:0 p.m.21 views

CVE-2009-1051

FubarForum 1.6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for user.tsv...

6.4AI score0.01213EPSS
Exploits0References3
CVE
CVE
added 2009/03/24 2:0 p.m.44 views

CVE-2009-1052

FireAnt 1.3 and earlier products are affected by an improper access control vulnerability that stores sensitive data under the web root. This allows remote attackers to directly request user.tsv and download a database containing user credentials. The CVE entry notes a network-exposed issue with ...

5CVSS6.6AI score0.01213EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/03/20 12:30 a.m.17 views

CVE-2008-6494

ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb...

5CVSS6.3AI score0.02229EPSS
Exploits0References2
Prion
Prion
added 2009/03/20 12:30 a.m.12 views

Improper access control

ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb...

5CVSS6.9AI score0.02229EPSS
Exploits0References2
Cvelist
Cvelist
added 2009/03/20 12:0 a.m.20 views

CVE-2008-6494

ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb...

6.3AI score0.02229EPSS
Exploits0References2
CVE
CVE
added 2009/03/20 12:0 a.m.45 views

CVE-2008-6494

The CVE-2008-6494 entry concerns ASP User Engine.NET, where sensitive data is stored under the web root with insufficient access control. The underlying issue allows a remote attacker to download the database (users.mdb) by issuing a direct request. This is supported by the NVD description and as...

5CVSS6.5AI score0.02229EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2009/03/10 2:30 p.m.14 views

CVE-2009-0866

pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for extra/genbackup.php...

5CVSS6.3AI score0.02509EPSS
Exploits0References2
Prion
Prion
added 2009/03/10 2:30 p.m.10 views

Improper access control

pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for extra/genbackup.php...

5CVSS6.9AI score0.02509EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2009/03/10 2:0 p.m.22 views

CVE-2009-0866

pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for extra/genbackup.php...

6.3AI score0.02509EPSS
Exploits0References2
Prion
Prion
added 2009/03/06 6:50 a.m.10 views

Improper access control

Team Board 1.x and 2.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for data/team.mdb...

5CVSS6.9AI score0.02459EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2009/03/05 8:30 p.m.13 views

Improper access control

PollHelper stores poll.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request...

5CVSS7.2AI score0.0251EPSS
Exploits1References4
NVD
NVD
added 2009/03/05 8:30 p.m.14 views

CVE-2009-0827

PollHelper stores poll.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request...

5CVSS6.7AI score0.0251EPSS
Exploits1References4
Prion
Prion
added 2009/03/05 8:30 p.m.16 views

Improper access control

QuoteBook stores quotes.inc under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information, including user credentials, via a direct request...

5CVSS7AI score0.02873EPSS
Exploits0References3
CVE
CVE
added 2009/03/05 8:0 p.m.49 views

CVE-2009-0828

The CVE-2009-0828 entry concerns QuoteBook, where quotes.inc is stored under the web root with insufficient access control. The root cause is improper access restrictions, allowing remote attackers to directly access the database and obtain sensitive information, including user credentials. The a...

5CVSS6.7AI score0.02873EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/03/02 7:30 p.m.12 views

CVE-2008-6375

JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb...

5CVSS6.3AI score0.01176EPSS
Exploits1References2
Prion
Prion
added 2009/03/02 7:30 p.m.12 views

Improper access control

JBook stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to userids.mdb...

5CVSS6.8AI score0.01176EPSS
Exploits1References2
Prion
Prion
added 2009/03/02 7:30 p.m.12 views

Improper access control

Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb...

5CVSS6.8AI score0.02587EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/03/02 7:30 p.m.19 views

CVE-2008-6374

CodefixerSoftware MailingListPro Free Edition stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to db/MailingList.mdb...

5CVSS6.2AI score0.02587EPSS
Exploits0References3
Prion
Prion
added 2009/03/02 7:30 p.m.8 views

Improper access control

ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb...

5CVSS6.8AI score0.0251EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/03/02 7:0 p.m.27 views

CVE-2008-6387

Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb...

6.3AI score0.02587EPSS
Exploits0References3
Rows per page
Query Builder