pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for extra/genbackup.php.
Max CVSS
5.0
EPSS Score
0.32%
Published
2009-03-10
Updated
2017-09-29
1 vulnerabilities found