Lucene search

K

Codeavalanche Security Vulnerabilities

cve
cve

CVE-2008-5932

CodeAvalanche FreeForum stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for _private/CAForum.mdb. NOTE: some of these details are obtained from third party...

6.7AI Score

0.007EPSS

2009-01-21 06:30 PM
19
cve
cve

CVE-2008-5896

CodeAvalanche RateMySite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CARateMySite.mdb. NOTE: some of these details are obtained.....

6.7AI Score

0.022EPSS

2009-01-12 08:00 PM
27
cve
cve

CVE-2008-5899

CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFFAPage.mdb. NOTE: some of these details are obtained...

6.7AI Score

0.02EPSS

2009-01-12 08:00 PM
17
cve
cve

CVE-2008-5900

CodeAvalanche Articles stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAArticles.mdb. NOTE: some of these details are obtained...

6.7AI Score

0.022EPSS

2009-01-12 08:00 PM
24
cve
cve

CVE-2008-5897

CodeAvalanche FreeWallpaper stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFreeWallpaper.mdb. NOTE: some of these details are...

6.7AI Score

0.02EPSS

2009-01-12 08:00 PM
19
cve
cve

CVE-2008-5898

CodeAvalanche Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CADirectory.mdb. NOTE: some of these details are obtained...

6.7AI Score

0.022EPSS

2009-01-12 08:00 PM
24