NewsTraXor Website Management Script 2.9 Beta - Database Disclosure

EDB-ID:

24039

CVE:

N/A


Platform:

ASP

Published:

2004-04-22

source: http://www.securityfocus.com/bid/10194/info

Reportedly NewsTraXor is affected by a remote database disclosure vulnerability. This issue is due to a design error that allows the database file to be globally readable.

This issue may allow a remote attacker to gain unauthorized administrative access to the affected web application.

www.example.com/news/Dbase/nTrax.mdb