MPCSoftWeb 1.0 - Database Disclosure
| EKU-ID: 27990 | CVE: OSVDB-54147 | OSVDB-ID: |
| Author: drG4njubas | Published: 2003-04-21 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27990 | CVE: OSVDB-54147 | OSVDB-ID: |
| Author: drG4njubas | Published: 2003-04-21 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/7390/info MPCSoftWeb does not sufficiently secure the database file. It is possible for remote attackers to request the database file and gain access to sensitive information such as administrative credentials for the guestbook. http://www.example.com/mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb