RSS   Podatności dla 'Dblog cms'   RSS

2007-09-21
 
CVE-2007-5026

CWE-264
 

 
dBlog CMS, probably 2.0, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing an admin password hash via a direct request for dblog.mdb.

 


Copyright 2024, cxsecurity.com

 

Back to Top