CVE-2007-0156

Properties

Published:
08.01.2007
Updated:
10.01.2007
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Product:
M-Core: M-Core

Vulnerability description

M-Core stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to db/uyelik.mdb.

References:

BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/456235/100/0/threaded
XF: http://xforce.iss.net/xforce/xfdb/31340