RSS   Vulnerabilities for 'Aspired2quote'   RSS

2009-01-12
 
CVE-2008-5885

CWE-264
 

 
The Net Guys ASPired2Quote stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for admin/quote.mdb. NOTE: some of these details are obtained from third party information.

 

 >>> Vendor: Thenetguys 3 Products
Aspired2quote
Aspired2poll
Aspired2protect


Copyright 2017, cxsecurity.com

 

Back to Top