Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb.
References
Link | Resource |
---|---|
http://packetstormsecurity.org/1010-exploits/kisiselradyoscript-disclose.txt | Exploit |
http://secunia.com/advisories/41816 | Vendor Advisory |
http://www.exploit-db.com/exploits/15270 | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:21:04
Updated: 2022-10-03T16:21:04
Reserved: 2022-10-03T00:00:00
Link: CVE-2010-4145
JSON object: View
NVD Information
Status : Analyzed
Published: 2010-11-02T02:26:21.100
Modified: 2010-11-03T04:00:00.000
Link: CVE-2010-4145
JSON object: View
Redhat Information
No data.
CWE