Vulnerabilities > CVE-2007-3146 - Information Disclosure vulnerability in ZEN Help Desk Software ZEN Help Desk 2.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Zen Help Desk 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for ZenHelpDesk.mdb.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |