Vulnerabilities > R2Newsletter

DATE CVE VULNERABILITY TITLE RISK
2009-07-27 CVE-2009-2602 Permissions, Privileges, and Access Controls vulnerability in R2Newsletter products
R2 Newsletter Lite, Pro, and Stats stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for admin.mdb.
network
low complexity
r2newsletter CWE-264
5.0