1369 matches found
CVE-2008-6387
Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb...
CVE-2008-6388
CVE-2008-6388 concerns Rapid Classified 3.1 and 3.15, where the database file cldb.mdb is stored under the web root with insufficient access control. This design flaw permits remote attackers to download the database via a direct HTTP request, reflecting a network-based exposure with a reported C...
CVE-2008-6388
Rapid Classified 3.1 and 3.15 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to cldb.mdb...
CVE-2008-6387
The CVE-2008-6387 entry concerns Quick Tree View .NET 3.1, where sensitive data is stored under the web root with insufficient access control. The vulnerability allows remote attackers to download the database file directly (qtv.mdb). The connected documents reiterate the same description without...
CVE-2008-6355
The Net Guys ASPired2Protect stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to ASPired2Protect.mdb...
CVE-2008-6357
MyCal Personal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to mycal.mdb...
CVE-2008-6357
MyCal Personal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to mycal.mdb...
CVE-2008-6354
The CVE describes an insecure access control issue in Net Guys ASPired2poll that allows remote retrieval of the ASPired2poll.mdb database, exposing usernames and passwords. Affected component is the ASPired2poll web application; root cause is insufficient access control leading to direct web-acce...
CVE-2008-6356
evCal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to 1 evcal.mdb and 2 evcal97.mdb...
Improper access control
CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via a direct request...
CVE-2008-6321
CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via a direct request...
Improper access control
Downloadcenter 2.1 stores common.h under the web root with insufficient access control, which allows remote attackers to obtain user credentials and other sensitive information via a direct request. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
CVE-2009-0732
Downloadcenter 2.1 stores common.h under the web root with insufficient access control, which allows remote attackers to obtain user credentials and other sensitive information via a direct request. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
CVE-2008-6147
ForumApp 3.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 1 data/8690.mdb or 2 data/8690BAK.mdb...
Improper access control
ForumApp 3.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 1 data/8690.mdb or 2 data/8690BAK.mdb...
CVE-2009-0571
admin.php in Ninja Designs Mailist 3.0 stores backup copies of maillist.php under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the backup directory...
CVE-2009-0571
admin.php in Ninja Designs Mailist 3.0 stores backup copies of maillist.php under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the backup directory...
Improper access control
Virtual GuestBook vgbook 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to guestbook.mdb...
CVE-2008-6051
MetaCart Free stores metacart.mdb under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords via a direct request...
CVE-2008-6055
PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request...