Vulnerability Details CVE-2008-4511
Todd Woolums ASP News Management, possibly 2.21, stores db/news.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://securityreason.com/securityalert/4380
- http://www.securityfocus.com/archive/1/496787/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45838
- http://securityreason.com/securityalert/4380
- http://www.securityfocus.com/archive/1/496787/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45838
Products affected by CVE-2008-4511
-
cpe:2.3:a:todd_woolums:asp_news_management:*
-
cpe:2.3:a:todd_woolums:asp_news_management:2.21