1369 matches found
CVE-2008-6052
PreProjects Pre E-Learning Portal stores dbelearning.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request...
Improper access control
MetaCart Free stores metacart.mdb under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords via a direct request...
Improper access control
PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request...
Improper access control
PreProjects Pre Resume Submitter stores onlineresume.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request...
Improper access control
PreProjects Pre E-Learning Portal stores dbelearning.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request...
Improper access control
Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request...
CVE-2008-6052
PreProjects Pre E-Learning Portal stores dbelearning.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request...
CVE-2008-6051
MetaCart Free stores metacart.mdb under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords via a direct request...
CVE-2008-6008
hyBook Guestbook Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for hyBook.mdb...
Improper access control
Katy Whitton BlogIt! stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request for database/Blog.mdb. NOTE: some of these details are obtained from third party...
CVE-2008-5981
PacPoll 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 1 poll.mdb or 2 poll97.mdb...
Improper access control
PacPoll 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 1 poll.mdb or 2 poll97.mdb...
Improper access control
Ocean12 Mailing List Manager Gold stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for o12mail.mdb...
CVE-2008-5980
Ocean12 Mailing List Manager Gold stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for o12mail.mdb...
CVE-2008-5981
PacPoll 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 1 poll.mdb or 2 poll97.mdb...
CVE-2008-5981
PacPoll 4.0 stores sensitive information under the web root with insufficient access control, allowing remote attackers to download a database via direct requests to poll.mdb or poll97.mdb. Affected component: PacPoll 4.0 web files; root cause: improper access restrictions leading to exposure of ...
CVE-2008-5967
admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not require administrative authentication for an addupdate action, which allows remote attackers to upload a calendar aka .ics file with arbitrary content to the calendars/ directory outside the web root...
CVE-2008-5951
ASP Template Creature stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for workDB/templatemonster.mdb...
Improper access control
Wbstreet aka PHPSTREET Webboard 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database credentials via a direct request to connect.inc...
Improper access control
ASP Template Creature stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for workDB/templatemonster.mdb...