CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4766

YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for galeri/database/db.mdb.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.2%

CVSS Severity

CVSS v2 Score 5.0

References

http://packetstormsecurity.org/1001-exploits/ypportal-disclose.txt
http://secunia.com/advisories/38119
http://www.osvdb.org/61467
http://packetstormsecurity.org/1001-exploits/ypportal-disclose.txt
http://secunia.com/advisories/38119
http://www.osvdb.org/61467

Products affected by CVE-2009-4766

Yasirpro » Ms-Pro Portal Scripti » Version: 1.0

cpe:2.3:a:yasirpro:ms-pro_portal_scripti:1.0
Yasirpro » Ms-Pro Portal Scripti » Version: 1.2

cpe:2.3:a:yasirpro:ms-pro_portal_scripti:1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4766

Products

Pricing

Contact Us