1369 matches found
CVE-2008-5896
CodeAvalanche RateMySite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for private/CARateMySite.mdb. NOTE: some of these details are obtained...
Improper access control
TAKempis Discussion Web 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for private/discussion.mdb. NOTE: some of these details are obtained from third part...
Improper access control
CodeAvalanche RateMySite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for private/CARateMySite.mdb. NOTE: some of these details are obtained...
Improper access control
CodeAvalanche Articles stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for private/CAArticles.mdb. NOTE: some of these details are obtained from...
Improper access control
iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for db/iyziforum.mdb. NOTE: some of these details are obtained from third party informatio...
CVE-2008-5896
CodeAvalanche RateMySite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for private/CARateMySite.mdb. NOTE: some of these details are obtained...
CVE-2008-5886
The CVE-2008-5886 issue affects TAKempis Discussion Web 4.0, where sensitive information is stored under the web root with insufficient access control. An attacker can directly request the file _private/discussion.mdb to download a password-containing database, exposing credentials and sensitive ...
CVE-2008-5897
CodeAvalanche FreeWallpaper is affected by an improper access control vulnerability that stores the administrator password database under the web root. An attacker can directly request the file _private/CAFreeWallpaper.mdb to download the database containing the administrator password. The CVE-20...
CVE-2008-5886
TAKempis Discussion Web 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for private/discussion.mdb. NOTE: some of these details are obtained from third part...
Improper access control
Emefa Guestbook 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for guestbook.mdb...
CVE-2008-5852
Emefa Guestbook 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for guestbook.mdb...
CVE-2008-5853
Chilek Content Management System aka ChiCoMaS 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to 1 obtain database credentials via a direct request for config.inc or 2 read database backups via a request for a backu...
CVE-2008-5855
myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt...
Improper access control
myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt...
CVE-2008-5853
Chilek Content Management System aka ChiCoMaS 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to 1 obtain database credentials via a direct request for config.inc or 2 read database backups via a request for a backu...
CVE-2008-5765
WorkSimple 1.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for data/usr.txt...
CVE-2008-5780
Forest Blog 1.3.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing passwords via a direct request for blog.mdb...
Improper access control
Forest Blog 1.3.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing passwords via a direct request for blog.mdb...
Improper access control
Simple Text-File Login Script SiTeFiLo 1.0.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for slogusers.txt...
CVE-2008-5765
WorkSimple 1.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for data/usr.txt...