exploitDog

GHSA-jc8p-ggq2-cwcg

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Diskos CMS 6.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) artikler_prod.mdb or (2) medlemmer.mdb.

Diskos CMS 6.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) artikler_prod.mdb or (2) medlemmer.mdb.

Ссылки

EPSS

Процентиль: 88%

0.03844

Низкий

CVE ID

Связанные уязвимости

CVE-2009-4799

nvd

почти 16 лет назад

Diskos CMS 6.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) artikler_prod.mdb or (2) medlemmer.mdb.

EPSS

Процентиль: 88%

0.03844

Низкий

CVE ID