6 matches found
WineGlass数据库敏感信息泄露漏洞
WineGlass是一款维基应用程序。 WineGlass数据库访问限制不正确,远程攻击者可以利用漏洞获得敏感信息。 直接下载在WEB ROOT目录中的data.mdb文件,可导致获得用户名和密码信息。 WineGlass 1.x 目前没有解决方案提供...
Improper access control
WineGlass stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db/data.mdb...
CVE-2007-0090
WineGlass stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db/data.mdb...
CVE-2007-0090
WineGlass stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for db/data.mdb...
CVE-2007-0090
CVE-2007-0090 concerns WineGlass, where sensitive information is stored under the web root with insufficient access control. The issue enables remote attackers to download a database containing passwords by requesting the file path db/data.mdb directly. The vulnerability impacts the confidentiali...
WineGlass "data.mdb" Remote Password Disclosure
ARIA-SECURITY TEAM Forum: http://aria-security.com Discovered by:Aria-Security Team Type:Remote Password Disclosure Vendor:http://www.fermentigrafici.it/wineglass/ PoC: http://target/db/data.mdb Contact: [email protected] http://aria-security.com/forum/showthread.php?p=112...