Vulnerabilities > Codeavalanche

DATE CVE VULNERABILITY TITLE RISK
2009-01-21 CVE-2008-5932 Permissions, Privileges, and Access Controls vulnerability in Codeavalanche Freeforum NIL
CodeAvalanche FreeForum stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for _private/CAForum.mdb.
network
low complexity
codeavalanche CWE-264
5.0
5.0
2009-01-12 CVE-2008-5900 Permissions, Privileges, and Access Controls vulnerability in Codeavalanche Articles NIL
CodeAvalanche Articles stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAArticles.mdb.
network
low complexity
codeavalanche CWE-264
7.5
7.5
2009-01-12 CVE-2008-5899 Permissions, Privileges, and Access Controls vulnerability in Codeavalanche Freeforall NIL
CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFFAPage.mdb.
network
low complexity
codeavalanche CWE-264
7.5
7.5
2009-01-12 CVE-2008-5898 Permissions, Privileges, and Access Controls vulnerability in Codeavalanche Directory NIL
CodeAvalanche Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CADirectory.mdb.
network
low complexity
codeavalanche CWE-264
7.5
7.5
2009-01-12 CVE-2008-5897 Permissions, Privileges, and Access Controls vulnerability in Codeavalanche Freewallpaper NIL
CodeAvalanche FreeWallpaper stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFreeWallpaper.mdb.
network
low complexity
codeavalanche CWE-264
7.5
7.5
2009-01-12 CVE-2008-5896 Permissions, Privileges, and Access Controls vulnerability in Codeavalanche Ratemysite NIL
CodeAvalanche RateMySite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CARateMySite.mdb.
network
low complexity
codeavalanche CWE-264
7.5
7.5