The Backup selection in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier uses predicable filenames for database backups and stores the files under the web root with insufficient access control, which allows remote attackers to obtain sensitive information by downloading a backup file.
References
Configurations
History
21 Nov 2024, 00:14
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/21066 - Vendor Advisory | |
References | () http://securityreason.com/securityalert/1271 - | |
References | () http://securitytracker.com/id?1016515 - | |
References | () http://www.acid-root.new.fr/advisories/boastmachine.txt - | |
References | () http://www.securityfocus.com/archive/1/440306/100/0/threaded - |
Information
Published : 2006-07-25 13:22
Updated : 2024-11-21 00:14
NVD link : CVE-2006-3831
Mitre link : CVE-2006-3831
CVE.ORG link : CVE-2006-3831
JSON object : View
Products Affected
kailash_nadh
- boastmachine
CWE