NewsTraXor Website Management Script 2.9 Beta - Database Disclosure
EDB-ID:
24039
CVE:
N/A
Become a Certified Penetration Tester
Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)
GET CERTIFIED
source: https://www.securityfocus.com/bid/10194/info
Reportedly NewsTraXor is affected by a remote database disclosure vulnerability. This issue is due to a design error that allows the database file to be globally readable.
This issue may allow a remote attacker to gain unauthorized administrative access to the affected web application.
www.example.com/news/Dbase/nTrax.mdb