Freedville : Security Vulnerabilities, CVEs,
QuoteBook stores quotes.inc under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information, including user credentials, via a direct request.
Max CVSS
5.0
EPSS Score
0.28%
Published
2009-03-05
Updated
2017-09-29
PollHelper stores poll.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.
Max CVSS
5.0
EPSS Score
0.82%
Published
2009-03-05
Updated
2017-09-29
BlogHelper stores common_db.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.
Max CVSS
5.0
EPSS Score
0.66%
Published
2009-03-05
Updated
2017-09-29
3 vulnerabilities found