Vulnerabilities for Ms-pro portal scripti (...) - CXSECURITY.COM

Vulnerabilities for 'Ms-pro portal scripti'

2010-04-13

CVE-2009-4766

CWE-264

YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for galeri/database/db.mdb.

Copyright 2024, cxsecurity.com