All Club CMS (ACCMS) 0.0.2 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain database configuration information, including credentials, via a direct request to accms.dat.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
paul arbogast accms 0.0.1c |
||
paul arbogast accms 0.0.1a |
||
paul arbogast accms |
||
paul arbogast accms 0.0.1h |
||
paul arbogast accms 0.0.1f |
||
paul arbogast accms 0.0.1g |
||
paul arbogast accms 0.0.1d |
||
paul arbogast accms 0.0.1e |