NewsTraXor Website Management Script 2.9 Beta - Database Disclosure

EDB-ID:

24039

CVE:

N/A




Platform:

ASP

Date:

2004-04-22


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

source: https://www.securityfocus.com/bid/10194/info

Reportedly NewsTraXor is affected by a remote database disclosure vulnerability. This issue is due to a design error that allows the database file to be globally readable.

This issue may allow a remote attacker to gain unauthorized administrative access to the affected web application.

www.example.com/news/Dbase/nTrax.mdb