RSS   Vulnerabilities for 'Forumapp'   RSS

2009-02-16
 
CVE-2008-6147

CWE-264
 

 
ForumApp 3.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) data/8690.mdb or (2) data/8690BAK.mdb.

 


Copyright 2019, cxsecurity.com

 

Back to Top