Rapid Classified 3.1 and 3.15 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to cldb.mdb.
download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote attackers to read arbitrary files via an encoded url parameter, as demonstrated by obtaining database credentials from includes/constants.php.
ForumApp 3.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) data/8690.mdb or (2) data/8690BAK.mdb.
PreProjects Pre E-Learning Portal stores db_elearning.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
hyBook Guestbook Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for hyBook.mdb.
Ocean12 Membership Manager Pro stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12member.mdb.
Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.
Facto stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for database/facto.mdb. NOTE: some of these details are obtained from third party information.
Todd Woolums ASP News Management 2.2 allows remote attackers to obtain news items via a direct request to (1) rss.asp, (2) viewheadings.asp, or (3) viewnews.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Merlix Teamworx Server stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for teamworx.mdb.
Nightfall Personal Diary 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for users-zza21.mdb.
WorkSimple 1.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for data/usr.txt.
Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
Ocean12 Contact Manager Pro 1.02 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12con.mdb.
ASPTicker 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for news.mdb.
Ocean12 Mailing List Manager Gold stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for o12mail.mdb.
Emefa Guestbook 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for guestbook.mdb.
Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to "access to secure files by ThemeServlet."
TAKempis Discussion Web 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for _private/discussion.mdb. NOTE: some of these details are obtained from third party information.
Ocean12 Poll Manager Pro 1.00 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12poll.mdb.
Gazatem QMail Mailing List Manager 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for qmail.mdb.
VP-ASP Shopping Cart 6.50 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database containing the password via a direct request for database/shopping650.mdb. NOTE: some of these details are obtained from third party information.
PreProjects Pre Resume Submitter stores onlineresume.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
PostEcards stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for postcards.mdb.
Nukedit 4.9.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for database/dbsite.mdb.
User Engine Lite ASP stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for users.mdb.
Ikon AdManager 2.1 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for ikonBAnner_AdManager.mdb.
Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain database credentials via a direct request for config.inc or (2) read database backups via a request for a backup/ URI.
The Net Guys ASPired2Blog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for admin/blog.mdb. NOTE: some of these details are obtained from third party information.
MetaCart Free stores metacart.mdb under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords via a direct request.
CodeAvalanche FreeForum stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for _private/CAForum.mdb. NOTE: some of these details are obtained from third party information.
xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly protection mechanism.
Cold BBS stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for db/cforum.mdb.
Professional Download Assistant 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for database/downloads.mdb.
The Net Guys ASPired2Quote stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for admin/quote.mdb. NOTE: some of these details are obtained from third party information.
MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/.
Semantically-Interconnected Online Communities (SIOC) 5.x before 5.x-1.2 and 6.x before 6.x-1.1, a module for Drupal, does not properly implement menu and database APIs, which allows remote attackers to obtain usernames and read hashed emails and comments via unspecified vectors.
PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.
Wbstreet (aka PHPSTREET Webboard) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database credentials via a direct request to connect.inc.
ASP AutoDealer stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for auto.mdb.
ASP-DEv XM Events Diary stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for diary.mdb.
ASP/MS Access Shoutbox, probably 1.1 beta, stores db/shoutdb.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request.
PollHelper stores poll.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.
8e6 R3000 Internet Filter 2.0.05.33, and other versions before 2.0.11, allows remote attackers to bypass intended restrictions via a fragmented HTTP request.
The Talk module 5.x before 5.x-1.3 and 6.x before 6.x-1.5, a module for Drupal, does not perform access checks for a node before displaying comments, which allows remote attackers to obtain sensitive information.
Google Chrome before 1.0.154.46 does not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls and other web script.
ROBS-PROJECTS Digital Sales IPN (aka DS-IPN.NET or DS-IPN Paypal Shop) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request for Database/Sales.mdb.
Mercurial before 1.0.2 does not enforce the allowpull permission setting for a pull operation from hgweb, which allows remote attackers to read arbitrary files from a repository via an "hg pull" request.
curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563.
Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to determine the installation path, IP addresses, and error messages via direct requests to files under LOG/.